So Much for Safe Browsing (Temporarily)

Via Ed Felton, news of a medium-sized bombshell in Researchers Show How to Forge Site Certificates:

Today at the Chaos Computing Congress, a group of researchers (Alex Sotirov, Marc Stevens, Jake Appelbaum, Arjen Lenstra, Benne de Weger, and David Molnar) announced that they have found a way to forge website certificates that will be accepted as valid by most browsers. This means that they can successfully impersonate any website, even for secure connections.

This is a big deal. But as Ed explains, it is based on an making worse a known weakness in the “MD5 with RSA” hashing algorithm. It can be fixed by having Equifax, which uses this now shown-to-be-insecure hast, replace the hash with something better. And having Equifax (and anyone else using it) revoking all existing certs based on this now vulnerable hash. (Which will cause a new wave of people ignoring security warnings…)

And, as Ed wisely notes,

… this is a sobering reminder that the certification process that underlies web site authentication —- a mechanism we all rely upon daily —- is far from bulletproof.

This entry was posted in Cryptography, Internet. Bookmark the permalink.

2 Responses to So Much for Safe Browsing (Temporarily)

  1. Melinda says:

    The way certificates are used is generally a problem, since you don’t actually have to forge a certificate to get a naive user to accept it. (The browser reports a problem with the certificate and asks if it should be accepted anyway; the user typically hits the “You betcha” button). There have been some moderately interesting discussions in the IETF about how to deal with deprecating a widely-deployed hash – you may or may not be interested in

  2. LACJ says:


    That’s true, because frankly the common user has no idea what option they have. Well, I want to read the page, ergo…

    And I do like your ‘You betcha’ button.

Comments are closed.