25C3: Severe Vulnerabilities in SSL and SSH
The last day of the four-day 25C3 congress in Berlin ended with an edge of suspense. In keeping with the theme of the congress, speakers had "nothing to hide" about well-known and new vulnerabilities in two of the most important Internet security protocols, SSH and SSL.
The presentation by Luciano Bello und Maximiliano Bertacchini covered the pseudorandom number generator (PRNG) vulnerability that had plagued Debian the middle of 2008. The two Argentineans once again worked the vulnerability and concluded emphatically that the problem affects not only Debian server admins, but all system admins whose hosts had at one time used Debian to create certificates. Furthermore, the problem affects not just SSH, but GnuPG-signed data and SSL certificates created with libssl.
The speakers ended with an arcane rundown on how theoretical weaknesses in the MD5 hash function could have serious practical consequences. An international team assembled by Hackerspace activist Jacob Appelbaum had identified how a complete root certificate can be generated that all web browsers would unfortunately accept.
The team was looking for an SSL found in current browsers that uses the MD5 hash function, even though MD5 (dating from 1991) "has been broken" since 2004 and caused further vulnerabilities in 2007. The rogue Certification Authority (CA) they could produce had the same hash fingerprint as its originator, which experts call a collision. The collision allows modification via a calculation of a limited number of bytes. The team used a cluster of 200 Playstation 3 machines outfitted with Cell processors and spent three days simulating the collisions. (The alternative would have been running on an Amazon EC2 at a cost of about $20,000.)
The researchers and developers registered a domain and allowed a CA to generate a legitimate SSL certificate by using the old MD5 hash. They then created a collision that produced a sub-certificate and by some scripting and good luck found a certificate with a requested serial number and a defined timestamp (both being required for the attack). Within four weekends they had the rogue SSL certificates they wanted, at a cost of under $1,000.
If a man-in-the-middle attacker could divert the SSL-secured connection and present his own certificate, signed by the falsified sub-certificate, instead of the one requested by the server, no browser would have a chance to recognize the manipulation. These kinds of attacks could pose a serious threat, for example, to e-banking applications with SSL-secured IMAP servers or that run over SSL VPNs. Because the discovers of the attacks don't want to reveal the certificates, there's only a brief window in which browser makers, CAs, and finally users can update their applications.
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
Fedora 41 Released with New Features
If you're a Fedora fan or just looking for a Linux distribution to help you migrate from Windows, Fedora 41 might be just the ticket.
-
AlmaLinux OS Kitten 10 Gives Power Users a Sneak Preview
If you're looking to kick the tires of AlmaLinux's upstream version, the developers have a purrfect solution.
-
Gnome 47.1 Released with a Few Fixes
The latest release of the Gnome desktop is all about fixing a few nagging issues and not about bringing new features into the mix.
-
System76 Unveils an Ampere-Powered Thelio Desktop
If you're looking for a new desktop system for developing autonomous driving and software-defined vehicle solutions. System76 has you covered.
-
VirtualBox 7.1.4 Includes Initial Support for Linux kernel 6.12
The latest version of VirtualBox has arrived and it not only adds initial support for kernel 6.12 but another feature that will make using the virtual machine tool much easier.
-
New Slimbook EVO with Raw AMD Ryzen Power
If you're looking for serious power in a 14" ultrabook that is powered by Linux, Slimbook has just the thing for you.
-
The Gnome Foundation Struggling to Stay Afloat
The foundation behind the Gnome desktop environment is having to go through some serious belt-tightening due to continued financial problems.
-
Thousands of Linux Servers Infected with Stealth Malware Since 2021
Perfctl is capable of remaining undetected, which makes it dangerous and hard to mitigate.
-
Halcyon Creates Anti-Ransomware Protection for Linux
As more Linux systems are targeted by ransomware, Halcyon is stepping up its protection.
-
Valve and Arch Linux Announce Collaboration
Valve and Arch have come together for two projects that will have a serious impact on the Linux distribution.