When a user visits a secure website protected by SSL (Secure Sockets Layer, now known as Transport Layer Security (TLS)) over the HTTPS protocol, such as an e-commerce or Internet banking site, most people feel that the site is more trustworthy and reliable and unlikely to be a malicious or phishing web page. However, that sense of security may be a thing of the past: a team of researchers from California, Centrum Wiskunde & Informatica (CWI) in the Netherlands, EPFL in Switzerland, and Eindhoven University of Technology (TU/e) in the Netherlands revealed a serious security flaw in the SSL protocol and presented it at the 25th Chaos Communication Congress (25C3) in Berlin.

The vulnerability exploits a weakness in the MD5 cryptographic hash algorithm used to create some of the digital certificates issued by certification authorities (CAs). The attack works because hashes are used to create a digital “fingerprint” that is supposed to uniquely identify a document and can be cheaply recomputed to verify that the document has not been modified in transit. The flaw in MD5, however, makes it possible to create two different documents that have the same hash value. Thus an attacker can create a rogue digital certificate for a phishing site that carries the same fingerprint as the certificate of a genuine website, effectively allowing the fake site to “prove” that it is what it claims to be, although in reality it is not.

Using a farm of about 200 PlayStation 3 (PS3) consoles (the Cell processor is popular with code breakers because it is good at cryptographic computations), the researchers managed to create a rogue certificate authority (CA) that functions as a clone of the genuine one, and used it to issue valid SSL certificates for any site they wanted. Presented with such a spoofed but validly signed certificate, neither the end user nor the browser would know that the HTTPS:// connection had been compromised.

So far, the researchers have managed to hack VeriSign’s RapidSSL.com certificate authority and create fake digital certificates for any website on the Internet. Other CAs that use MD5 to generate digital certificates include VeriSign’s Japanese unit, TC TrustCenter AG, EMC’s RSA unit and Thawte.

You can view the certificate signed by the rogue cloned CA at https://i.broke.the.internet.and.all.i.got.was.this.t-shirt.phreedom.org/

However, the weakness is not expected to pose a significant risk, as the cryptographic background of the attack has not been published and the attack cannot be repeated without this information. Besides, and most importantly, most certificate authority vendors that issue digital certificates have already been using the more secure SHA-1 algorithm.
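Because only certificates signed with MD5 are affected, a practical defensive check is to walk a certificate chain and flag any certificate whose signatureAlgorithm is MD5-based. The following is an added example (not code from the researchers or from any CA or browser vendor): a dependency-free DER parser that extracts the signature algorithm OID of an X.509 certificate and matches it against the known md5WithRSAEncryption OIDs. The certificates it runs on are constructed stand-ins with a placeholder tbsCertificate body; a real deployment would feed it the DER of an actual chain.

```python
# Added example: detect MD5-signed certificates in a chain (defensive check).
# Known OIDs for MD5-based RSA signatures (PKCS#1 and the older OIW arc).
MD5_SIGNATURE_OIDS = {
    "1.2.840.113549.1.1.4": "md5WithRSAEncryption",
    "1.3.14.3.2.3": "md5WithRSAEncryption (OIW)",
}

def _read_tlv(buf, pos):
    """Read one DER tag-length-value at pos; return (tag, content, next_pos)."""
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first & 0x80:                      # long-form length
        nbytes = first & 0x7F
        length = int.from_bytes(buf[pos:pos + nbytes], "big")
        pos += nbytes
    else:
        length = first
    return tag, buf[pos:pos + length], pos + length

def decode_oid(content):
    """Decode base-128 OID content bytes into dotted form."""
    arcs, val = [], 0
    for b in content:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(val)
            val = 0
    first = arcs[0]                       # first byte packs the top two arcs
    head = [2, first - 80] if first >= 80 else [first // 40, first % 40]
    return ".".join(str(a) for a in head + arcs[1:])

def signature_algorithm_oid(cert_der):
    """Certificate ::= SEQUENCE { tbsCertificate, signatureAlgorithm, signatureValue }"""
    tag, cert, _ = _read_tlv(cert_der, 0)
    if tag != 0x30:
        raise ValueError("not a DER SEQUENCE")
    _, _tbs, pos = _read_tlv(cert, 0)     # skip tbsCertificate
    _, alg, _ = _read_tlv(cert, pos)      # AlgorithmIdentifier SEQUENCE
    tag, oid, _ = _read_tlv(alg, 0)       # its first element is the OID
    if tag != 0x06:
        raise ValueError("expected OID in AlgorithmIdentifier")
    return decode_oid(oid)

def md5_signed_indexes(chain_der):
    """Return indexes of chain members whose signature algorithm is MD5-based."""
    return [i for i, c in enumerate(chain_der)
            if signature_algorithm_oid(c) in MD5_SIGNATURE_OIDS]
```

To try it on a real chain, pass a list of DER-encoded certificates (e.g. PEM bodies base64-decoded) to `md5_signed_indexes`; a non-empty result means the chain should be rejected.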

Download the slides of the 25th Chaos Communication Congress (25C3) presentation on the SSL MD5 exploit: md5-collisions-1.0.ppt

Read the detailed information about the exploit in the paper titled “MD5 considered harmful today – Creating a rogue CA certificate”.