Last week’s revelations that one, and possibly multiple, Certificate Authorities (CAs) had been breached really rock the basic foundation of
information security as we know it. When you couple this news with the RSA breaches reported earlier this year, there are clearly some large and
foreboding cracks in some of the foundational underpinnings of security – SSL and Public Key Infrastructure (PKI), for example – that require us to take a hard look at the entire concept of trust.
Early last week, news broke about the hack of Dutch certificate authority (CA) DigiNotar, which followed the pattern of an earlier hack of Comodo, another CA. The hacker taking credit for this breach claims to have infiltrated four other CAs, including GlobalSign, although GlobalSign rejects the claim. Analysis has shown that the hacker used some very sophisticated techniques to penetrate the CA servers at DigiNotar and gain root access to five of the company’s root certificates.
Without getting too deep into digital certificates, it is useful to know that CAs like DigiNotar issue the certificates at the heart of SSL and PKI. Each issued certificate is linked through a chain of trust back to the certificate authority’s root certificate. The security of issued certificates, and of the implementations that use them, is only as good as the security of the root. If the root is compromised, all of the issued certificates are compromised…
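To make the chain-of-trust point concrete, here is an added example (not code from the original article or from any of the CAs it names) written against Go's standard-library crypto/x509 package. It builds a root, an intermediate and a server certificate with constructed names, then validates two leaves the way a browser would: a genuine one, and one signed by the same issuing CA for a name nobody legitimately requested, standing in for a certificate minted after a compromise. Path validation cannot tell the two apart; the only thing that rejects the fraudulent certificate is pulling the root out of the trust store, which of course rejects every genuine certificate beneath it too.

```go
package main

import (
	"crypto"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

// Result: does each leaf validate while the root is trusted, and after it is distrusted?
type Result struct{ LegitTrusted, RogueTrusted, LegitAfter, RogueAfter bool }

func mustKey() *ecdsa.PrivateKey {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	return k
}

// template builds either a CA certificate or a TLS server certificate for name
// (all names and serial numbers are constructed for this example).
func template(name string, serial int64, isCA bool) *x509.Certificate {
	t := &x509.Certificate{
		SerialNumber: big.NewInt(serial),
		Subject:      pkix.Name{CommonName: name},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
	}
	if isCA {
		t.IsCA, t.BasicConstraintsValid = true, true
		t.KeyUsage = x509.KeyUsageCertSign
	} else {
		t.DNSNames = []string{name}
		t.KeyUsage = x509.KeyUsageDigitalSignature
		t.ExtKeyUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}
	}
	return t
}

// issue signs tmpl for public key pub with the signer's private key; a nil parent
// yields a self-signed certificate, i.e. a root.
func issue(tmpl *x509.Certificate, pub crypto.PublicKey, parent *x509.Certificate, signer *ecdsa.PrivateKey) *x509.Certificate {
	if parent == nil {
		parent = tmpl
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer)
	if err != nil {
		panic(err)
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		panic(err)
	}
	return cert
}

// VerifyLeaf performs the path validation a TLS client does: the leaf must chain
// through the intermediate to a root in the trust store and be valid for dnsName.
func VerifyLeaf(leaf, inter *x509.Certificate, roots *x509.CertPool, dnsName string) error {
	inters := x509.NewCertPool()
	inters.AddCert(inter)
	_, err := leaf.Verify(x509.VerifyOptions{
		DNSName:       dnsName,
		Roots:         roots,
		Intermediates: inters,
		KeyUsages:     []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	})
	return err
}

// Demo builds root -> intermediate -> leaf, shows that a second leaf issued under the
// same hierarchy for an unrequested name validates just as well, and that removing
// the root from the trust store is what finally rejects both.
func Demo() Result {
	rootKey, interKey := mustKey(), mustKey()
	root := issue(template("Example Root CA", 1, true), &rootKey.PublicKey, nil, rootKey)
	inter := issue(template("Example Issuing CA", 2, true), &interKey.PublicKey, root, rootKey)

	legitKey, rogueKey := mustKey(), mustKey()
	legit := issue(template("www.example.com", 3, false), &legitKey.PublicKey, inter, interKey)
	// Stands in for a certificate minted after the CA's signing capability was compromised:
	// signed by the real issuing CA, for a name its owner never requested.
	rogue := issue(template("mail.example.net", 4, false), &rogueKey.PublicKey, inter, interKey)

	trusted := x509.NewCertPool()
	trusted.AddCert(root)
	distrusted := x509.NewCertPool() // the same store after the operator pulls the root

	return Result{
		LegitTrusted: VerifyLeaf(legit, inter, trusted, "www.example.com") == nil,
		RogueTrusted: VerifyLeaf(rogue, inter, trusted, "mail.example.net") == nil,
		LegitAfter:   VerifyLeaf(legit, inter, distrusted, "www.example.com") == nil,
		RogueAfter:   VerifyLeaf(rogue, inter, distrusted, "mail.example.net") == nil,
	}
}
```

Calling `Demo()` returns `LegitTrusted` and `RogueTrusted` both true and `LegitAfter` and `RogueAfter` both false. That is the whole story of a CA compromise from the relying party's side: signatures, validity periods and name matching all check out on the fraudulent certificate, so detection has to come from outside path validation (certificate transparency, pinning, revocation data that the compromised CA may not publish), and the remediation that actually works is distrusting the root, at the cost of every honest certificate chained to it.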