Related Links

  • Convergence
  • Reed Exhibitions Ltd is not responsible for the content of external websites.

Related Stories

Top 5 Stories


Future of SSL in doubt? Researcher Marlinspike unveils alternative to certificate authorities

08 August 2011

Noted security researcher and hacker Moxie Marlinspike slammed the certificate authorities at last week’s Black Hat conference in Las Vegas, just before he introduced his own alternative for authenticating secure web communications.

Marlinspike began his Black Hat briefing by highlighting the fact that the SSL structure has not been fundamentally altered since the early 1990s, and based on his communications with its creator, the security and authentication it provides for web communications was developed almost as an afterthought. The problem with SSL and the certificate authorities (CAs), is the sheer number of organizations that can provide signed certificates, and therefore potentially intercept secure communications over the internet or provide certificates to those with malicious intent.

Then Marlinspike offered up a strong critique of the certificate authority process: “the vibe about these things has been shifting...from total rip-off to total rip-off and mostly worthless”.

The first problem, he added, is that there are simply too many CAs – about 650 according to research from the Electronic Frontier Foundation. Then there are the recent troubles one CA has experienced ensuring the communications it was entrusted with securing. The CA in question was Comodo, which drew the majority of Marlinspike’s ire.

The researcher said he did not trust Comodo but lamented that the only alternative web browsers have is to remove the company from their list of trusted CAs. But, by doing so, nearly one-quarter to one-fifth of the internet – the sites signed by Comodo – cannot be connected to securely.

“The truth is, somewhere along the line, we made a decision to trust Comodo”, he said. “And now we are locked into trusting them forever, and this is the essence of the problem”.

What’s missing from the authenticity equation, Marlinspike contended, is something he has termed “trust agility”. The concept has two components: first, a decision to trust a CA can be revised at any time and, second, that users can determine which CA(s) to trust.

Undoubtedly Marlinspike’s distrust of Comodo stems from recent troubles the company experienced when several of its resale partners issued digital certificates to hackers who then hijacked secure connections to major websites.

What Marlinspike proposed to replace the existing model is one that puts the power of trust decision making into the hands of the end-user, rather than CAs. “Instead of a site initiating the trust relationship, it’s the user that initiates it”, he noted, adding that users would then send a request to the CA to certify the site. “The reason this is so powerful is because it means the user can now decide which authority they want to interact with”, and presumably incentivize CAs to ensure the validity of the certificates they sign.

In what he called a Steve Jobs-inspired move, Marlinspike launched his own Convergence alternative from the Black Hat briefing stage, a system he called “a secure replacement for the certificate authority system”.

Convergence, currently in its beta version, works by allowing users to configure a set of trusted “notaries, which use network perspective to validate communication”, according to its website. It will also require a “trust consensus” from multiple notaries to ensure security. Convergence, thus far, is only available as a Firefox browser add-on.

“If anybody is proposing an authenticity system or a different trust system...the first question you should to ask is ‘Who do I have trust, and for how long’?”, Marlinspike asked the audience as he left the stage. “If the answer is a prescribed set of people – forever – then proceed with caution. In the meantime, try Convergence.”

In response to Marlinspike’s comments, a spokesperson from Comodo told Infosecurity that SSL is not broken, and that is remains the best way to protect information in transit. This same spokesperson added that Comodo’s CA process is not broken and that the company issues millions of certificates with what it called a “vanishingly small” error rate.

When asked to comment on Marlinspike’s new Convergence system proposal, Comodo said that, to its knowledge, Marlinspike himself has not claimed that his new system will result in perfect security in all cases, adding that it may be a fine system for security researchers to use.

This article is featured in:
Encryption  •  Internet and Network Security



SamanthaNewYork says:

09 August 2011
This was awesome research and by the community at large when interviewing people seemed to be a trusted secure replacement. After watching IOActive's Mike Ridpath speak on breaking SSL at Blackhat and this talk by Marlinspike I knew it was time to figure out a way to do something different what I enjoyed about this talk specifically is that it wasn't just breaking something, but also provided a solution.

Note: The majority of comments posted are created by members of the public. The views expressed are theirs and unless specifically stated are not those Elsevier Ltd. We are not responsible for any content posted by members of the public or content of any third party sites that are accessible through this site. Any links to third party websites from this website do not amount to any endorsement of that site by the Elsevier Ltd and any use of that site by you is at your own risk. For further information, please refer to our Terms & Conditions.

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×