Security - Channel Insider

    New Browser Flaw Weakens EV SSL Trust

    in Security




    EV SSL certificates were designed several years ago by certificate issuing authorities to combat the growing trust problems with normal domain validated SSL certificates (DV SSL).


    A newly discovered vulnerability in the way web browsers handle high-assurance Extended Validation SSL (EV SSL) certificates may render them ineffective until browser developers fix the problem, security researchers said today.

    EV SSL certificates were designed several years ago by certificate issuing authorities to combat the growing trust problems with normal domain validated SSL certificates (DV SSL), which had devolved into a low-cost, low-barrier-to-entry acquisition model. The newer EV SSL certificates are meant to assure site users that site owners have jumped through hoops and have had their identities verified as who their websites claim them to be. This assurance is provided by a green glowing bar in the browser, as opposed to the more traditional yellow lock offered by DV SSL certificates.

    Unfortunately, a recent flaw discovered within the browsers themselves can actually be exploited by hackers to replicate that green glow and sniff sensitive data as it leaves the browser, says Mike Zusman, principal consultant at Intrepidus Group, who together with independent security researcher Alex Sotirov found the vulnerability.

    “What Alex and I did is we came up with a tool that allows us to spoof that green badge, or that green glow of EV SSL,” Zusman says. “If you're an attacker and you happen to obtain one of the lower assurance domain validated SSL certificates that are much easier to get than EV SSL certificates, you can leverage the easy certificate to spoof this green badge.”

    Zusman and Sotirov will present their findings at next week’s Black Hat hacker conference. There they’ll explain how they were able to take advantage of browser vulnerabilities in order to perpetrate two different attacks that exploit user trust in EV SSL certificates. The first, which Zusman and Sotirov call SSL rebinding, is a man-in-the-middle attack that can be launched by a hacker who has taken over a wireless connection shared with the victim. Because browsers treat EV SSL and DV SSL certificates the same under the hood, the attacker can deliver a rogue certificate that tricks the user into thinking he or she is connected to a safe site.

    “Since the browsers treat them both the same, an attacker can use the DV cert in conjunction with the real site and their real EV cert to spoof the green glow and essentially sniff data coming out of the web browser without the client being alerted that anything is happening to their extended validation SSL connection,” Zusman says.

    The other type of attack, labeled EV Cache Poisoning, can be perpetrated against organizations that choose to use a mixture of EV SSL and DV SSL certificates across their sites, depending on the content. Hackers can attack the low-assurance areas of a site and leverage the attack in order to spoof the green glow offered by high-assurance certificates.

    “Essentially this is a mixed content problem, where you're mixing content that's protected with two different types of SSL security,” Zusman says. “So what this means is that the attacker compromises the lower security DV SSL site or does a man in the middle there where he's not even touching the EV-protected content. But his code is still going to be treated as EV protected, so the browser is still going to show the user the green badge.”

    According to Zusman, organizations that depend on EV SSL certificates can mitigate some of their risks by discouraging users from using untrusted wireless networks and by uniformly using EV SSL if they choose to run with them. But in the end, the trust issue can only be fixed at the browser level.
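For site owners acting on the "uniformly use EV SSL" advice, the following added example (not from the article or the researchers) audits a crawl of a site for EV-protected pages that load scripts, frames or styles from origins without an EV certificate. The hostnames, the certificate inventory and the page map are constructed sample data, and EV status is assumed to be recognisable by the CA/Browser Forum EV policy OID in the leaf certificate.

```python
from urllib.parse import urlparse

# CA/Browser Forum policy OID for Extended Validation certificates.
EV_POLICY_OID = "2.23.140.1.1"

# Constructed inventory: hostname -> policy OIDs on its leaf certificate.
CERT_POLICIES = {
    "www.example.test": ["2.23.140.1.1"],       # EV
    "login.example.test": ["2.23.140.1.1"],     # EV
    "static.example.test": ["2.23.140.1.2.1"],  # DV
}

# Constructed crawl result: page URL -> scripts, frames and styles it loads.
PAGES = {
    "https://www.example.test/account": [
        "https://login.example.test/widget.js",
        "https://static.example.test/app.js",
        "http://www.example.test/banner.js",
        "https://cdn.example.test/lib.js",
    ],
    "https://static.example.test/help": [
        "https://static.example.test/help.js",
    ],
}

def is_ev(host, policies):
    return EV_POLICY_OID in policies.get(host, [])

def audit_mixed_assurance(pages, policies):
    """Return (page, resource, reason) for every EV page that loads
    active content from an origin with weaker assurance."""
    findings = []
    for page, resources in pages.items():
        if not is_ev(urlparse(page).hostname, policies):
            continue  # page shows no EV indicator, nothing to dilute
        for res in resources:
            parts = urlparse(res)
            if parts.scheme != "https":
                reason = "not served over HTTPS"
            elif parts.hostname not in policies:
                reason = "no certificate on record"
            elif not is_ev(parts.hostname, policies):
                reason = "certificate is not EV"
            else:
                continue
            findings.append((page, res, reason))
    return findings

if __name__ == "__main__":
    for page, res, reason in audit_mixed_assurance(PAGES, CERT_POLICIES):
        print(f"{page} loads {res}: {reason}")
```

Each finding is a place where content that is not EV-protected would be displayed under the page's green indicator.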

    “There are some best practices I feel people should be using as they're deploying EV SSL certificates but really it's still kind of a moot point until the browsers can come up with a solution,” he says. “Unfortunately, it’s not an easy fix for them. It’s not something that can be rolled out with the next monthly patch.”
     




    >>> More Security Articles          >>> More By Ericka Chickowski
     


     


