
IT Developments
Survey: One in seven SSL certificates are weak
- From: Brian Warkoczeski
- Date: Tue Jan 06 08:09:49 2009
Survey: One in seven SSL certificates are weak
Jan. 5, 2009
www.securityfocus.com
About 14 percent of all Web sites use digital certificates signed using
the vulnerable MD5 hashing algorithm, according to a survey performed by
network-monitoring firm Netcraft.
The survey, which examines an "extensive portion" of the Internet, found
that RapidSSL — now owned by VeriSign and referred to as the Equifax
brand — represents the vast majority of vulnerable digital certificates.
Last week, researchers announced in Berlin, Germany, that they had
successfully created a rogue certificate authority — whose signatures
would be accepted by any Web browser as valid — using known weaknesses
in the MD5 algorithm. The researchers also needed to exploit weaknesses in
RapidSSL's certificate issuance process to obtain the digital certificate.
VeriSign has stressed that it has protected all existing RapidSSL
certificates from abuse.
"VeriSign, (the) owners of RapidSSL since 2006, have stated that they
have stopped using MD5-signing for RapidSSL certificates, and will have
phased out MD5-signing across all their certificate products by the end
of January 2009," Netcraft said in its post revealing the results of the
survey. "Other affected CAs are likely to follow suit, as SHA1 is well
established and is already in use for the majority of SSL certificate
signing, so it should be simple to switch to using this more secure
alternative."
Hash algorithms are typically used to reduce a large data file — such as
a Word document or e-mail message — to a simple, if sometimes long,
number that can be used to identify the data, in the same way that
fingerprints are used to identify humans. A good hash function gives a
completely different result if the original file is changed even
slightly. A variety of encryption and security functions use hashes,
from integrity checks and digital signatures to the secure
communications and trust infrastructure of the Internet.
On the Web, hash algorithms are used to sign the certificates that
online stores, banks and other security-sensitive sites use to identify
themselves and encrypt the communications channel between the site and
its customers. Certificates are issued by certificate authorities (CAs),
which are either trusted because they are a top-level, or root,
authority or because they have been granted the ability to issue
certificates by a root CA. All Web browsers maintain a list of trusted
root certificate authorities as a way to verify certificates issued by
those CAs. A certificate that appears to be issued by a trusted CA will
be accepted as valid by all browsers.
Despite the discovery of major weaknesses in the MD5 hash algorithm, six
certificate authorities continued to issue MD5-signed certificates in
2008. The research group analyzed a sampling of 30,000 certificates from
sites online and found that 30 percent were signed using MD5. Because of
its popularity, RapidSSL accounted for nearly all — about 97 percent —
of the MD5-signed certificates.
Netcraft's survey found the incidence of MD5-signed certificates to be
half that of the researchers' survey.
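
The kind of check behind such a survey, as an added example that is not part of the article or Netcraft's tooling: read the signature-algorithm OID from each DER-encoded certificate and report the share signed with MD5. The function names and the sample input (constructed certificate skeletons for seven placeholder sites, not real certificates) are assumptions made for illustration.

```python
from collections import Counter

# PKCS #1 signature-algorithm OIDs; only the MD5 entry counts as weak here.
SIG_OIDS = {
    "1.2.840.113549.1.1.4": "md5WithRSAEncryption",
    "1.2.840.113549.1.1.5": "sha1WithRSAEncryption",
    "1.2.840.113549.1.1.11": "sha256WithRSAEncryption",
}

def read_tlv(buf, pos):
    """Return (tag, value_start, value_end) of the DER element at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long-form length: low 7 bits give the byte count
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, pos, pos + length

def decode_oid(body):
    arcs, val = [body[0] // 40, body[0] % 40], 0
    for b in body[1:]:  # remaining arcs are base-128, high bit = "more"
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(val)
            val = 0
    return ".".join(map(str, arcs))

def signature_algorithm(cert_der):
    """Name (or dotted OID if unknown) of the algorithm that signed the cert."""
    _, start, _ = read_tlv(cert_der, 0)            # outer Certificate SEQUENCE
    _, _, tbs_end = read_tlv(cert_der, start)      # skip over tbsCertificate
    _, alg_start, _ = read_tlv(cert_der, tbs_end)  # signatureAlgorithm SEQUENCE
    tag, s, e = read_tlv(cert_der, alg_start)      # its first element, the OID
    if tag != 0x06:
        raise ValueError("expected an OBJECT IDENTIFIER")
    oid = decode_oid(cert_der[s:e])
    return SIG_OIDS.get(oid, oid)

def survey(certs):
    """Tally algorithms over {site: DER bytes}; return (counts, md5_share)."""
    counts = Counter(signature_algorithm(der) for der in certs.values())
    return counts, counts["md5WithRSAEncryption"] / len(certs)

def skeleton(last_arc):  # constructed stand-in: filler TBS, OID, dummy signature
    body = b"\x30\x81\xc8" + bytes(200) + bytes.fromhex("300d06092a864886f70d0101%02x0500" % last_arc) + b"\x03\x03\x00\xaa\xbb"
    return b"\x30\x81" + bytes([len(body)]) + body

# Constructed sample: seven placeholder sites, one of them MD5-signed.
SAMPLE = {f"site{i}.example": skeleton(4 if i == 0 else 5) for i in range(7)}
```

To audit real certificates, convert PEM to DER first (for example with `ssl.PEM_cert_to_DER_cert` from the Python standard library) and pass the bytes to `signature_algorithm`.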