About 14 percent of all Web sites use digital certificates signed using the vulnerable MD5 hashing algorithm, according to a survey performed by network-monitoring firm Netcraft.
The survey, which examines an "extensive portion" of the Internet, found that RapidSSL — now owned by VeriSign and referred to as the Equifax brand — represents the vast majority of vulnerable digital certificates. Last week, researchers announced in Berlin, Germany, that they had successfully created a rogue certificate authority — whose signatures would be accepted by any Web browser as valid — using known weaknesses in the MD5 algorithm. The researchers also need to exploit weaknesses in RapidSSL's certificate issuance process to obtain the digital certificate.
VeriSign has stressed that it has protected all existing RapidSSL certificates from abuse.
"VeriSign, (the) owners of RapidSSL since 2006, have stated that they have stopped using MD5-signing for RapidSSL certificates, and will have phased out MD5-signing across all their certificate products by the end of January 2009," Netcraft said in its post revealing the results of the survey. "Other affected CAs are likely to follow suit, as SHA1 is well established and is already in use for the majority of SSL certificate signing, so it should be simple to switch to using this more secure alternative."
Hash algorithms are typically used to reduce a large data file — such as a Word document or e-mail message — to a simple, if sometimes long, number that can be used to identify the data, in the same way that fingerprints are used to identify humans. A good hash function gives a completely different result if the original file is changed even slightly. A variety of encryption and security functions use hashes, from integrity checks and digital signatures to the secure communications and trust infrastructure of the Internet.
On the Web, hash algorithms are used to sign the certificates that online stores, banks and other security-sensitive sites use to identify themselves and encrypt the communications channel between the site and its customers. Certificates are issued by certificate authorities (CAs), which are either trusted because they are a top-level, or root, authority or because they have been granted the ability to issue certificates by a root CA. All Web browsers maintain a list of trusted root certificate authorities as a way to verify certificates issued by those CAs. A certificate that appears to be issued by a trusted CA will be accepted as valid by all browsers.
Despite the discovery of major weaknesses in the MD5 hash algorithm, six certificate authorities continued to issue MD5-signed certificates in 2008. The research group analyzed a sampling of 30,000 certificates from sites online and found that 30 percent were signed using MD5. Because of its popularity, RapidSSL accounted for nearly all — about 97 percent — of the MD5-signed certificates.
Netcraft's survey found the incidence of MD5-signed certificates to be half that of the researchers' survey.
If you have tips or insights on this topic, please contact SecurityFocus.
Posted by: Robert Lemos