Friday, May 31, 2019

Internet Explorer SSL Vulnerability :: essays research papers

Abstract

Internet Explorer's implementation of SSL contains a vulnerability that allows for an active, undetected, man in the middle attack. No dialogs are shown, no warnings are given.

========================================================================

Commentary

In the normal case, the administrator of a web site might wish to provide secure communication via SSL. To do so, the administrator generates a certificate and has it signed by a Certificate Authority. The generated certificate should list the URL of the secure web site in the Common Name field of the Distinguished Name section.

The CA verifies that the administrator legitimately owns the URL in the CN field, signs the certificate, and gives it back. Assuming the administrator is trying to secure www.thoughtcrime.org, we now have the following certificate structure:

CERT - Issuer: VeriSign / Subject: VeriSign
  - CERT - Issuer: VeriSign / Subject: www.thoughtcrime.org

When a web browser receives this, it should verify that the CN field matches the domain it just connected to, and that it's signed using a known CA certificate. No man in the middle attack is possible because it should not be possible to substitute a certificate with a valid CN and a valid signature.

However, there is a slightly more complicated scenario. Sometimes it is convenient to delegate signing authority to more localized authorities. In this case, the administrator of www.thoughtcrime.org would get a chain of certificates from the localized authority:

Issuer: VeriSign / Subject: VeriSign
  - Issuer: VeriSign / Subject: Intermediate CA
    - Issuer: Intermediate CA / Subject: www.thoughtcrime.org

When a web browser receives this, it should verify that the CN field of the leaf certificate matches the domain it just connected to, that it's signed by the intermediate CA, and that the intermediate CA is signed by a known CA certificate. Finally, the web browser should also verify that all intermediate certificates have valid CA Basic Constraints.

You guessed it, Internet Explorer does not check the Basic Constraints.

========================================================================

Exploit

So what does this mean? This means that as far as IE is concerned, anyone with a valid CA-signed certificate for ANY domain can generate a valid CA-signed certificate for ANY OTHER domain.

As the unscrupulous administrator of www.thoughtcrime.org, I can generate a valid certificate and request a signature from VeriSign:

CERT - Issuer: VeriSign / Subject: VeriSign
  - CERT - Issuer: VeriSign / Subject: www.thoughtcrime.org

Then I generate a certificate for any domain I want, and sign it using my run-of-the-mill joe-blow CA-signed certificate:

CERT - Issuer: VeriSign / Subject: VeriSign
  - CERT - Issuer: VeriSign / Subject: www.thoughtcrime.org
    - CERT - Issuer: www.thoughtcrime.org / Subject: www.amazon.com

Since IE doesn't check the Basic Constraints on the www.thoughtcrime.org certificate, it accepts this certificate chain as valid for www.amazon.com.

Anyone with any CA-signed certificate (and the corresponding private
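The check the advisory says IE skipped, shown as an added example (not code from the advisory): Go's standard-library x509 verifier builds both chains above from constructed keys and names (the root is a stand-in for VeriSign) and rejects the forged chain because the www.thoughtcrime.org certificate carries Basic Constraints CA=false.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

// mkCert issues a certificate for name, signed by parent (self-signed when parent is nil); isCA sets
// the Basic Constraints CA flag, the bit the advisory says IE never checked.
func mkCert(name string, isCA bool, parent *x509.Certificate, parentKey ed25519.PrivateKey) (*x509.Certificate, ed25519.PrivateKey) {
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(time.Now().UnixNano()), // constructed; real CAs use random serials
		Subject:      pkix.Name{CommonName: name}, DNSNames: []string{name},
		NotBefore:    time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		BasicConstraintsValid: true, IsCA: isCA,
		KeyUsage:    x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign,
		ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	if parent == nil { // self-signed root
		parent, parentKey = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, parentKey)
	if err != nil {
		panic(err)
	}
	cert, _ := x509.ParseCertificate(der)
	return cert, key
}

// verifyChain does what a correct client must do: walk leaf -> intermediate -> root, match the hostname,
// and reject any intermediate whose Basic Constraints say CA=false (Go's x509 enforces this).
func verifyChain(leaf, inter, root *x509.Certificate, host string) error {
	roots, inters := x509.NewCertPool(), x509.NewCertPool()
	roots.AddCert(root)
	inters.AddCert(inter)
	_, err := leaf.Verify(x509.VerifyOptions{Roots: roots, Intermediates: inters, DNSName: host})
	return err
}

// Demo builds the two chains from the advisory; the root is a constructed stand-in for VeriSign.
func Demo() (legitErr, forgedErr error) {
	root, rootKey := mkCert("Root CA (stand-in)", true, nil, nil)
	inter, interKey := mkCert("Intermediate CA", true, root, rootKey)
	legit, _ := mkCert("www.thoughtcrime.org", false, inter, interKey)
	// The bug: an ordinary CA=false site certificate is treated as if it were an intermediate CA.
	site, siteKey := mkCert("www.thoughtcrime.org", false, root, rootKey)
	forged, _ := mkCert("www.amazon.com", false, site, siteKey)
	return verifyChain(legit, inter, root, "www.thoughtcrime.org"), verifyChain(forged, site, root, "www.amazon.com")
}
```

Demo returns a nil error for the legitimate chain and a "not authorized to sign other certificates" error for the forged one; a client that accepts both is making IE's mistake.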
