Linked by Thom Holwerda on Mon 5th Sep 2011 22:26 UTC
Privacy, Security, Encryption So, people from within Iran have hacked the Dutch company DigiNotar, allowing them to issue fake certificates so they could listen in on Iranian dissidents and other organisation within Iran. This is a very simplified version of the story, since it's all quite complicated and I honestly don't even understand all of it. In any case, DigiNotar detected the intrusion July 19, but didn't really do anything with it until it all blew up in their face this past week. Now, the Dutch government has taken over operational management of DigiNotar... But as a Dutch citizen, that doesn't really fill me with confidence, because, well - whenever the Dutch government does anything even remotely related to IT technology, they mess it up. And mess it up bad.
Thread beginning with comment 488811
To view parent comment, click here.
To read all comments associated with this story, please click here.
Lennie
Member since:
2007-09-22

Lennie,

Wow, how did you hear about convergence?


I don't remember, but I only looked into it recently. Thinking it was very similair to the Perspectives project: http://perspectives-project.org/

Which pretty much only handles the man-in-the-middle-attack.

He says you can configure notaries to verify the CA signatures cryptographically as normal, but I'm honestly not sure what this mode buys us. What difference does it make whether the CA cert is validated in my browser or on a trusted notary server?


I'm not sure what you meant about what he said.

But here are the basics about how it should work as I understand it:
- based on the idea of the Perspectives project the fight the MitM-attacks
- adds privacy by allowing connections to the notaries to be proxied
- adds trust agility. A way to realtime blacklist certificates, CA's.

I think he means you can have a second or third CA also vouch for a certificate. Maybe that was the part you meant ?

Anyway, there are a lot of different things a notary could check for which makes it very flexible.

Reply Parent Score: 2

Alfman Member since:
2011-01-28

Lennie,

"I think he means you can have a second or third CA also vouch for a certificate. Maybe that was the part you meant ?"

That's not what I understood. I understood having second and third *notary* vouch for a certificate. So the burden of verifying the authenticity of a given certificate is shifted from the browser to several notaries.

The question becomes, how does the notary validate the certificate? It can automatically validates the CA's signature, but this is obviously no better than doing it in the browser. In other words, if diginotar's master key is leaked, then the notary has no way to cryptographically distinguish between legitimate and fraudulent certificates. Either the notary trusts the CA, in which case it trusts the fraudulent certificates, or it does not trust the CA, in which case it blocks legitimate certificates. Neither is acceptable; this is the exact same problem we face in the browser, only we've delegated the problem to a notary.

The perspective certificate validation mode offers a novel approach to detecting altered certificates. The theory being that everyone not under the influence of a man-in-the-middle should see the same certificate. If anyone sees a different certificate, it was probably altered and should be considered fraudulent.

I do like that this mode is automated and completely does away with CA's. This is pretty clever IMO, but not foolproof. Also, there are false positives (I speculate are caused by load balanced servers with different SSL certificates) which he referred to as the "citibank problem".

We can combine these metrics heuristically as he has proposed, however when they disagree we truly don't know which one is correct and we need an arbitrary tie breaker - we either trust the CAs over the notary consensus or visa versa. However once we do this, there is no reason to bother checking the less important factors at all (lookup short circuit evaluation).

Anyway, I am really glad you found this extremely relevant project. I think he's pushing the boundaries of what's possible with consensus based authentication and I'm really quite impressed that he built something that appears to work.

Reply Parent Score: 2

Lennie Member since:
2007-09-22

The question becomes, how does the notary validate the certificate?


I think what he means is you go to a second CA and get your existing certificate added to their notary (they have a whitelist) and people have that notary in the browser ?

Anyway I noticed on the github site, someone already made a fork of the server code ( https://github.com/nevins-b/Convergence ) and added Google DNS:
http://googleonlinesecurity.blogspot.com/2011/04/improving-ssl-cert...

No code with DNSSEC yet though.

Reply Parent Score: 2

Lennie Member since:
2007-09-22

I wonder how well this project would scale.

Would ISPs setup a notary(proxy) for their customers ?

Reply Parent Score: 2