The End of SSL Certificate Authorities

By: Michael Rash, Security Solutions Architect at Enterasys Networks.

The Blackhat Briefings consistently impacts the computer security landscape year after year, and 2011 is no different. One of the most important talks this year was Moxie Marlinspike’sSSL And The Future Of Authenticity. This talk blew the doors off of the entire Certificate Authority system that is place today for the Secure Sockets Layer (SSL), and proposed a viable (and better I might add) alternative called Convergence. The basic idea behind Convergence is that certificate authorities have too much power in the SSL system in that they cannot easily be distrusted and continue to have the Internet function properly. That is, once a CA becomes rather large and is used by the major browsers to verify SSL certificates for a significant portion of the Internet, there is no mechanism in SSL to be able to remove the CA from the browsers if the CA becomes untrustworthy. A bad CA can just be deleted from the browser CA list, but then the browser would generate SSL certificate warnings for any site that uses a cert that is supposed to be validated by the CA. This, by itself, may not sound so bad, but the real problem is that without a way to validate site certificates, anyone could issue a “valid” cert for a site and the hapless user would have no way to know it isn’t real. SSL essentially forces users to trust CA’s indefinitely. So, if a CA does something that demonstrates to users that it is untrustworthy – such as getting hacked, behaving badly, or both as in Comodo’s case - there is no alternative but to continue “trusting” the CA.

This is where Convergence comes in. Under the Convergence model, SSL certificates are no longer required to be verified by a CA. So, how can a user be confident that SSL communications with a site are using the proper certificates? The answer is that Convergence uses a set of intermediate nodes called “Notaries” that exist on various locations around the Internet. For any SSL connection initiated by a user to an SSL-protected site, Convergence downloads the site certificate from all of the configured Notaries and a comparison is performed. If the certificate is identical across all Notaries, then the user can have a lot of confidence that a MITM attack is not underway. At least, the user can certainly have more confidence in this validation than the validation performed by any hacked certificate authority. And, even if a user trusts that a CA hasn’t been hacked, the user doesn’t really know for sure. (Can any entity prove that it isn’t hacked at any given time?) For any given CA, there is an excellent chance that it will be hacked at some point in the future too.

Convergence offers some nice additional features, such as anonymization of SSL connections made through the Notaries, and it is easy for users to change the list of trusted Notaries. Moxie refers to the later as “trust agility”, and is one of the key reasons that replacing the CA system with Convergence is not just a different architecture – it fundamentally means that the power is put in the hands of users instead of the CA’s. What happens if a Notary is hacked? No problem – the user can simply remove that one from the list (and maybe add a new one) and everything continues to work.

What are the downsides to Convergence? In the short term there will be some growing pains as Convergence is ported to all of the major browsers. The version of Firefox that I run on Ubuntu is not supported yet for example. Some people have concerns over performance because now instead of a single SSL connection there are multiple connections involved as a site certificate is validated by multiple Notaries. However, Moxie has implemented a robust caching mechanism that addresses this concern, and in some cases this makes SSL connections faster.

Incidentally, according to Moxie, Comodo currently signs over one quarter of the SSL-enabled sites on the Internet. So, in the current model, if a user deletes Comodo from the browser CA list then one quarter of Internet SSL sites break. Comodo is not the only instance of a certificate authority getting hacked either – just two months ago in mid-July, 2011, a Dutch CA called “DigiNotar” was hacked as well and has gone bankrupt as a result. Just imagine would would happen if Verisign – which had over 47% of the SSL verification market in 2009 and was acquired by Symantec – were to get hacked as well. Users need an alternative for SSL certificate verification, and Convergence looks like an excellent solution. The bottom line is that even if the current CA system remains in place, as a frequent user of SSL, I would still want a way to verify that an SSL certificate looks the same from multiple locations regardless of what a CA tells me. In this sense, there is a good case for Convergence whether or not it is broadly adopted.

On a final note, Moxie presented Convergence at both Blackhat and Defcon, and as a bonus he was asked to participate on a panel discussion at Defcon with the legendary Whitfield Diffie of Diffie-Hellman key exchange fame. During this panel, Moxie hinted that a current CA is looking at deploying Convergence. This is perhaps a validation that Convergence is a shot across the bow of certificate authorities in general, and that they should pay close attention.

Health Care Records…Update, Secure, Finance

By: Dan O’Donnell

Many health organizations are looking at the potential of Electronic Health Records. Some are already converting. There can be significant productivity increases, particularly in the largest of organizations by upgrading medical record management, storage and distribution to a digital format. There are also financial incentives in the form of grants and loans from the federal government to encourage this movement. The transition will not be easy and, as with any new technology, there are risks to be managed.

First the good news…The HITECH Act SEC. 3011 provides for “Immediate Funding to Strengthen the Health Information Technology Infrastructure.” This section provides for grants and loans to upgrade information technology architecture, develop Electronic Health Records (EHR) systems, improve and expand the use of health information technology, promote interoperability of clinical data repositories and provide training on the integration of electronic health records into a provider’s delivery of care.

The move to EHR carries some potential liability as well. We are all familiar with physical security in the paper world. Park a guard in front of the door and sign everyone with proper credentials in and out. In the cyber world, network security and protection of confidential information is more complex. Most EHR systems have security features that comply with HIPAA but that might not be enough.

The HIPAA Security Rule for Technical Safeguards states, among other things, that Information Systems housing Protected Health Information (PHI) must be protected from intrusion. It also requires that organizations implement and document risk analysis and risk management programs. This places the responsibility of risk management on the health organization. This point is important. It is not enough just to comply with the minimum standard. If a breach occurs, the health organization may still be liable if reasonable precautions have not been taken to protect the compromised protected information. A comprehensive program should be in place to prevent PHI from being used for non-health purposes or from being leaked through malicious attacks or employee conduct.

There is very little guidance in these laws and regulations exactly how to configure and use the security features that are incorporated in the EHR systems. So here are a few ideas. In addition to endpoint authentication, encryption and integrity protection of the data itself, give some thought to the network architecture, specifically protecting your perimeter.

The Big Three of network perimeter security are Intrusion Prevention Systems (IPS) to prevent attacks from the outside, Data Leakage Protection (DLP) to protect confidential data with strict access policies and a strong Network Monitoring appliance. The glue that holds all this together is a permanent Network Access solution. The appliances need access to the data. The Network Access system provides the access and also protects the reliability and availability to your network without introducing any delay. As an example configuration, the Smart Network Access system by Network Critical allows in-line connectivity to the IPS and DLP appliances and also makes a copy of all the data to the Monitor Appliance all with a single connection into the live link.

For maximum network performance, security and compliance when working with very sensitive and confidential data protect the perimeter with the Big Three and a flexible Network Access System. A final thought…Electronic Health Records systems are the future. Providing personal record privacy and information security are critical to building and maintaining client trust in the system.

That’s So 80′s

By Dan O’Donnell

It is time to take a trip in the Wayback Machine. Do you remember your first cell phone? It weighed a few pounds, was as big as a brick and had no apps. But you marveled over the new invention and the clarity of the communication. That was because, compared to the pay phone, walkie-talkie or pager, it was a technological leap of unimaginable proportion. On top of that, it was a major status symbol to have that little antenna on your back windshield. So, comparing that cell phone to previous technology, it looked pretty good.

Now what happens when you compare it forward to, say, an iPhone? Obviously, it does not compare nearly as favorable. It looks heavy, awkward, expensive and of extremely limited functionality.

Here is another 80’s communication marvel, the Digital PBX. Wow, if you were working in an office at that time it changed the way you did business. There were features like integrated Voice Mail so you could get detailed voice messages if you were not at your desk rather than a stack of those little paper slips stuck on a sharp pole near an inbox. There were also a host of other productivity improving features for the office worker. The Digital PBX was smaller than its analog predecessors (1 refrigerator-sized cabinet compared to 7 refrigerators for analog), used less power and could easily add lines by plugging in additional cards on the shelf.

Once again, let’s compare it to today’s soft switches and VoIP systems. Of course, the forward comparison has the old Digital PBX looking expansive, expensive, slow and inflexible.

Now let’s reset the time machine to present day and look at a typical data access switch architecture using shelf and cards in a rack. Compared to the expensive, refrigerator-sized cabinets of the past, the shelf and cards look pretty good. Over the years, they have increased density up to about 8, sometimes 12, ports per card allowing perhaps 48+ ports per shelf. Each shelf uses only about 5 Rack Units for its row of cards and less power than the standalone cabinets. The feature content allows for increased productivity in the data center by enabling efficient utilization of network tools and appliances.

Looking forward, however, the shelf and card systems may be going the way of the refrigerator-sized cabinets and cell phone bricks of the 80’s. As new technology and innovative designs update architecture, density, power consumption and flexibility continue to improve. One example is the AFS system by Network Critical. The AFS is a new data access switch that provides a non-blocking 960Gbps backplane with 48 10Gbps access ports in a single, yes ONE, rack unit of valuable data center space. The fully-functional, fully-loaded system consumes only 150 watts using its dual redundant power supplies. The cost per port is a dramatic reduction from the legacy shelf and card systems as well.

It is fun to look back in time to gauge our technological progress. However, the moral of this story is that it is easy to compare today to yesterday because we have 100% visibility. When investing for the future, whether it is equipment, money or people, one is well served by changing the paradigm of analysis. Do not use yesterday as your baseline, use tomorrow.