Rogue Google SSL Certificate Found in the Wild

By on August 30th, 2011 08:46 GMT

A rogue Google SSL certificate issued by DigiNotar, a Certificate Authority (CA) based in the Netherlands, was found in the wild being used in a man-in-the-middle attack against Gmail users.

The certificate was spotted by an Iranian user when he tried to access Gmail thanks to an error displayed by Google Chrome.

The certificate was issued for *.google.com by DigiNotar on July 10, 2011, which means it could have been used for attacks against most Google services for over 5 weeks until it was revoked by the Dutch CA.

This is a major security breach in the public key infrastructure (PKI) which relies on root Certificate Authorities to issue certificates that identify domain names.

Serious questions about the security of the CA-based model have been raised back in March when an Iranian hacker managed to break into a Comodo reseller and issue rogue certificates for many high-profile websites.

That incident, which fortunately didn't led to any abuse, resulted in discussions about the future of PKI and led to additional protections being built into browsers.

Google introduced a feature called certificate pinning in Chrome 13, which is why this new attack was detected. Certificate pinning associates a domain with a very limited number of Certificate Authorities.

Since DigiNotar was not one of those associated with Gmail, Chrome issued a SSL error which prompted the Iranian user to investigate. Google has alerted Microsoft, Mozilla and other vendors that trust certificates from DigiNotar by default.

All of the three vendors have issued or plan to issue updates for their products that completely remove DigiNotar from the list of trusted CAs, an unprecedented measure hailed by the security community.

This is required because it's not yet clear how the rogue certificate was issued in the first place and until that happens no certificate from DigiNotar can be trusted.

It is also hoped that the drastic measure will serve as a warning for other CAs of what can happen if they don't take security seriously and don't enforce restrictions on their certificate issuing processes.

1 Comment