Wednesday, 7 January 2009

OpenSSL vulnerability

There is a new vulnerability in OpenSSL in all versions prior to 0.9.8j, discovered by Google's security team. You will be happy to learn that the Grid PKI is not affected by the vulnerability since it uses RSA signatures throughout - only DSA signatures and ECDSA (DSA but with Elliptic Curves) are affected. (Of course you should still upgrade!)

Monday, 5 January 2009

New MD5 vulnerability announced

In 2006 two different MD5-signed certificates were created. A new stronger attack, announced last Wednesday (yes 30 Dec), allows the attacker to change more parts of the certificate, also the subject name. To use this "for fun and profit" one gets an MD5 end entity certificate from a CA (ideally one in the browser's keystore), and hacks it to create an intermediate CA which can then issue anything. Browsers generally accept this because then they trust the root and accept that the client sends an intermediate CA which the browser doesn't know about.
The IGTF's Risk Assessment Team (RAT) worked over the new year to analyse the threat and its implication for the Grid, including other attacks not proposed in the vulnerability announcement. The IGTF issued a statement about the vulnerability of the Grid. Essentially, CAs are trusted explicitly on the Grid (installed in/etc/grid-security/certificates) and the Grid is much less vulnerable than commercial PKIs (plus we have no CAs issuing MD5-signed end entity certs).
Note that while the Grid is not directly vulnerable, it is still possible to attack the Grid indirectly via the original proposal: e.g. if you fool the browser into thinking you're a trusted portal with a certificate from a commercial CA, and then you steal passwords such as MyProxy credentials.