Fraudulent Certificate for Google Domains Found After Mistake by Turkish CA
Contributed by: Email on 01/03/2013 03:16 PM
Google has pushed out an update that blocks an intermediate digital certificate for *.google.com after discovering that a Turkish certificate authority had mistakenly issued intermediate certificates to two organizations that should only have received normal SSL certificates. That error gave those two organizations the power to issue certificates that carried the same authority as the CA itself, and it allowed one of them to issue the fraudulent wildcard certificate for Google. One of the groups that obtained an intermediate certificate is a Turkish government agency.
The problem was discovered by Google security personnel just before Christmas, and the Google team quickly found that it was a Turkish CA named TURKTRUST that had issued the intermediate certificate. That mistake essentially granted the holder of the intermediate certificate the ability to issue certificates for any domain it chose.
"In response, we updated Chrome's certificate revocation metadata on December 25 to block that intermediate CA, and then alerted TURKTRUST and other browser vendors. TURKTRUST told us that based on our information, they discovered that in August 2011 they had mistakenly issued two intermediate CA certificates to organizations that should have instead received regular SSL certificates. On December 26, we pushed another Chrome metadata update to block the second mistaken CA certificate and informed the other browser vendors," Google's Adam Langley wrote in an analysis of the episode.
Microsoft also has taken steps to block the fraudulent certificate for Google, revoking trust in the problematic intermediate certificates and pushing the change to users.
"TURKTRUST Inc. incorrectly created two subsidiary CAs (*.EGO.GOV.TR and e-islam.kktcmerkezbankasi.org). The *.EGO.GOV.TR subsidiary CA was then used to issue a fraudulent digital certificate to *.google.com. This fraudulent certificate could be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against several Google web properties," Microsoft said in a security advisory issued Thursday.
"To help protect customers from the fraudulent use of this digital certificate, Microsoft is updating the Certificate Trust list (CTL) and is providing an update for all supported releases of Microsoft Windows that removes the trust of certificates that are causing this issue."
Neither Google nor Microsoft has said whether the wildcard certificate was used in any actual attacks, but the implications of the mistake by TURKTRUST are huge. With an intermediate certificate in hand, an attacker would have the ability to issue a certificate for any domain she chose that browsers would accept as valid, because it chains back to a trusted root. The attacker then would be able to represent to a user's browser that the domain is legitimate, thereby fooling the user into trusting the site. Using such an attack to impersonate a bank or shopping site could lead to a major payday for an attacker, but using it to impersonate a Google service such as Gmail could create an entirely separate set of problems.
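The failure mode and the two mitigations described above, as an added example that is not from the article or from any of the parties it names: a throwaway PKI built with openssl, a subscriber certificate mis-issued with CA:TRUE on a constructed name, and the CA-side audit and browser-style fingerprint blocklist (the mechanism behind Chrome's revocation metadata and Microsoft's CTL update) that would catch it. File names, the subject names and the blocklist format are assumptions.

```shell
#!/bin/sh
# Constructed demo (not TURKTRUST's or Google's material): a throwaway root,
# one subscriber cert issued correctly (CA:FALSE) and one mis-issued with
# CA:TRUE, then two defender checks: a CA-side audit of basicConstraints and
# a browser-style fingerprint blocklist for intermediates, the mechanism
# behind Chrome's revocation metadata and Microsoft's CTL update.
set -e
WORK=$(mktemp -d); cd "$WORK"

openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=Demo Root CA" \
  -keyout root.key -out root.pem 2>/dev/null
openssl req -new -newkey rsa:2048 -nodes -subj "/CN=subscriber.example" \
  -keyout sub.key -out sub.csr 2>/dev/null
printf 'basicConstraints=critical,CA:FALSE\n' > leaf.ext
printf 'basicConstraints=critical,CA:TRUE\n' > ca.ext      # the mistake
openssl x509 -req -in sub.csr -CA root.pem -CAkey root.key -set_serial 1 \
  -days 1 -extfile leaf.ext -out good.pem 2>/dev/null
openssl x509 -req -in sub.csr -CA root.pem -CAkey root.key -set_serial 2 \
  -days 1 -extfile ca.ext -out bad.pem 2>/dev/null

# CA-side audit: a certificate issued to a subscriber must never say CA:TRUE.
is_end_entity() {
  ! openssl x509 -in "$1" -noout -text | grep -q 'CA:TRUE'
}

# Browser-side blocklist of SHA-256 fingerprints of distrusted intermediates.
fingerprint() {
  openssl x509 -in "$1" -noout -fingerprint -sha256 | cut -d= -f2
}
BLOCKLIST="$WORK/blocklist.txt"; : > "$BLOCKLIST"

# verify_chain LEAF INTERMEDIATE: reject a blocklisted intermediate outright,
# otherwise fall back to ordinary path validation against the demo root.
verify_chain() {
  grep -qxF "$(fingerprint "$2")" "$BLOCKLIST" && return 1
  openssl verify -CAfile root.pem -untrusted "$2" "$1" >/dev/null 2>&1
}

# The mis-issued cert chains to the root, so it can sign any name it likes.
openssl req -new -newkey rsa:2048 -nodes -subj "/CN=victim.example" \
  -keyout v.key -out v.csr 2>/dev/null
openssl x509 -req -in v.csr -CA bad.pem -CAkey sub.key -set_serial 3 \
  -days 1 -extfile leaf.ext -out victim.pem 2>/dev/null

is_end_entity bad.pem || echo "audit: bad.pem carries CA:TRUE, mis-issued"
verify_chain victim.pem bad.pem && echo "before blocklist: chain accepted"
fingerprint bad.pem >> "$BLOCKLIST"          # push the revocation metadata
verify_chain victim.pem bad.pem || echo "after blocklist: chain rejected"
```

Path validation alone accepts the victim chain because the mis-issued certificate is a syntactically valid CA certificate; only the audit or the blocklist distinguishes it from a legitimate intermediate.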
This episode is eerily reminiscent of one in 2011 in which an attacker was able to issue to himself a valid wild card certificate for Google, as well as several other high-value sites. That attack on the Comodo certificate authority involved the attacker stealing credentials for a registration authority connected to Comodo in Europe and then issuing the certificates. The same attacker later took credit for a similar compromise of DigiNotar, a Dutch CA that eventually went out of business as a result of the compromise.
The problem with TURKTRUST doesn't appear to be the result of an attack on the CA, though. Rather, it seems to have been a mistake. Still, Google officials said they plan to update Chrome again in the near future to remove the extended validation status of any current EV certificate issued by TURKTRUST.
"Since our priority is the security and privacy of our users, we may also decide to take additional action after further discussion and careful consideration," Langley said.