- SSL Products
- My Account
Earlier today at the Chaos Communication Congress in Berlin, three researchers presented a paper in which they had used an MD5 collision attack and substantial computing firepower to create a false SSL Certificate using the RapidSSL brand of certificates.
I'm happy to announce that this attack articulated this morning has been rendered ineffective for all SSL Certificates available from VeriSign.
We applaud security research of this sort and are glad that white hats like the "MD5 Collision Inc." group make a point of investigating online security. This group went to great lengths to keep its findings private, and unfortunately that included ensuring that VeriSign did not receive information about the findings ahead of the actual presentation, rendering it impossible for us to begin work on mitigating this issue prior to this morning. Fortunately, VeriSign has already removed this vulnerability. Here are some likely questions and their responses based on what we know as of this morning :
Because the researchers did not brief VeriSign on their findings, we have only gotten this information today. There is nothing in the research that upon cursory examination appears to be inaccurate. As we have the opportunity to properly examine this paper, we will have a more definitive response to this question.
VeriSign has removed this vulnerability. As of approximately 11:00 am this morning, the attack laid out this morning in Berlin cannot be successful against any RapidSSL certificate nor any other SSL Certificate that VeriSign sells under any brand.
No action is required of our customers. No existing certificates are affected by this attack and the vulnerability has been rendered ineffective for all RapidSSL Certificates moving forward.
VeriSign has been phasing-out MD5 over the past two years; the planned phase out date has been on the road-map for late January 2009 (less than one month from now). In light of today's presentation, VeriSign will be accelerating this phase-out to the earliest safe date. We will notify the public when the phase-out is complete. As of today, we have discontinued using MD5 when we issue RapidSSL certificates, and we've confirmed that all other SSL Certificates we sell are not vulnerable to this attack.
Sunsetting a legacy technology within a business ecosystem takes time to be phased out as revoking and replacing certificates could potentially halt a customer's online business. As mentioned above, VeriSign will be accelerating this phase-out to the earliest safe date. We will notify the public when the phase-out is complete.
Zero. The attack, when it worked, was a potential method for a criminal to create a new, false certificate from scratch. The researchers did not demonstrate an attack against existing end entity certificates. In other words, you can't use this attack to break a certificate that already has been issued to a site.
This vulnerability doesn't affect any existing end-entity certificates including RapidSSL.
Today's research revealed a potential attack that required the issuance of new certificates. Existing end entity certificates are not at risk from this attack. Nonetheless, any customer who would like to do so can replace any MD5-hashed certificate free of charge. Until further notice VeriSign is suspending its normal replacement fees for these certificates. Because this replacement is not necessary to ensure the continued security of sites, we are not requiring the replacement of such certificates, as we have previously with the likes of weak Debian keys.
This is correct; EV SSL Certificates utilize the latest hash algorithm and are not affected by the newly-revealed MD5 vulnerabilities. Today the MD5 researchers specifically reinforced that EV SSL Certificates are safe from this attack. They stressed the need for consumers to move to EV-compatible browsers to get the most benefit from EV.
Hardly. The presenters of this morning's paper stressed that it took them a long time and a great deal of computational power to succeed in their collision attack. VeriSign has already eliminated the attack as a possibility.
Source : VeriSign, Inc.
Some other providers offer SSL Certificates that don't quite meet the standards of ours. As one of the largest and favorite SSL Certificate retailers globally, Trustico® sets the standard in offering a high quality SSL Certificate service.