Mozilla, Microsoft Move to Nix Web Security Flaw

Digital certificate security

A vulnerability in a widespread digital certificate technology has lit a fire under major Internet stakeholders, prompting moves by Microsoft, the Mozilla Foundation and others to prevent attackers from using the hack to endanger secure Web sites.

Researchers yesterday announced they had found a flaw in MD5, or Message-Digest algorithm 5 , a cryptographic technique used in a variety of security applications, including secure Web site certificates.

Digital certificate vouch for the safety of numerous types of secure online communications, like e-commerce transactions.

In response, Microsoft (NASDAQ: MSFT) and Mozilla each said they are working with affected certification authorities, or CAs, to ensure they update their issuing processes to prevent this threat from harming users of the Internet Explorer and Firefox browsers. CAs act as trusted third parties to issue online certificates guaranteeing that the certificate’s owner, an e-commerce site, for example, is who it claims to be.

Mozilla’s Johnathan Nightingale, a security and usability specialist at the group, said that the attack could pose a threat to some users but that Mozilla is not aware of any instances of it occurring.

“We advise users to exercise caution when interacting with sites that require sensitive information, particularly when using public internet connections,” he wrote in a post on Mozilla’s security blog. “This is not an attack on a Mozilla product, but we are nevertheless working with affected certificate authorities to ensure that their issuing processes are updated to prevent this threat.”

Likewise, Microsoft issued Security Advisory 961509, in which it said the vulnerability does not significantly increase the risk to customers, since its discoverers had not published the cryptographic background to the flaw, which hackers would need to mount an attack.

“Microsoft is not aware of any active attacks and is working with certificate authorities to ensure they are aware of this new research and is encouraging them to migrate to the newer SHA-1 signing algorithm,” Christopher Budd, security response communications lead for Microsoft, told in an e-mail.

Microsoft and Mozilla aren’t the only ones working to mitigate the threat. The team responsible for uncovering the vulnerability said most of the affected certificates it found online had been issued by the RapidSSL unit of VeriSign (NASDAQ: VRSN).

VeriSign, one of the largest CAs, yesterday said it had responded to the vulnerability by transitioning its RapidSSL certificates from MD5 to the stronger SHA-1 algorithm. The company today added that it would replace existing RapidSSL certificates using MD5 with new ones using SHA-1 free of charge.

SHA-1, or Secure Hash Algorithm, was developed by the National Security Agency (NSA) in 1993 to replace MD5 and MD4, an earlier technology. It was followed by SHA-2. According to Microsoft, Web sites that use Extended Validation certificates, which are always signed using SHA-1, will show a green address bar in most modern browsers — enabling users to verify that they’re protected by the stronger technology.

Budd added that Microsoft would continue to monitor the situation and would provide updates to its advisory and on the company’s Microsoft Security Response Center and Security, Vulnerability, Research and Defense blogs.

Others also said the threat won’t impact many online users.

Holders of existing certificates signed with MD5 will not be affected because attackers using the new exploit must issue new certificates, Christina Rohall, a spokesperson at VeriSign, told in an e-mail.

Breaking it down

The attack on MD5 was conducted by seven researchers in the U.S., Switzerland and the Netherlands, who presented their findings at the Chaos Computer Club’s 25th annual conference in Berlin yesterday.

They created a rogue CA that was accepted by all common Web browsers, according to their blog. Creating a rogue CA enables the creator to intercept traffic to a secure Web site — potentially enabling them to steal sensitive information such as passwords and credit card data.

The security industry has long known that MD5 is flawed, and both VeriSign and Microsoft say the industry is moving away from MD5 to SHA-1. VeriSign had planned to complete its own transition to the stronger technology by the end of January, but said yesterday that it had been forced to speed things up after the researchers’ announcement.

However, moving to SHA-1 will not render users entirely safe. Both versions of SHA are facing threats, and the U.S. Department of Commerce’s National Institute of Standards and Technology has begun encouraging the development of replacements.

News Around the Web