Rogue SSL Certificate Plan Proposed

Tuesday, May 29, 2012 @ 07:05 PM gHale

A pair of security researchers said an extension to the Transport Layer Security (TLS) protocol would allow browsers to detect and block fraudulently issued SSL certificates.

Called TACK, for Trust Assertions for Certificate Keys, the extension is a plan developed by security researchers Trevor Perrin and Moxie Marlinspike. The plan went to the Internet Engineering Task Force (IETF), the body in charge of TLS, for consideration last week.

NASA Investigates Compromise
U.S. Jams Taliban, Yemen Frequencies
Hacking to Force Stronger Security
Chinese Duo Face Piracy Charges

TACK tries to resolve the trust-related problems with the public key infrastructure that highlighted by last year’s security breaches at certificate authorities (CAs) Comodo and Diginotar.

Both of those breaches resulted in SSL certificates for high profile domains like, or, hitting the cyber street. In Diginotar’s case, the certificates worked in active attacks against Google users in Iran.

At the moment, Web browsers trust over 600 organizations from around the world to issue SSL certificates. These organizations are certificate authorities and every one of them can technically issue a valid certificate for any domain on the Internet.

Several proposals to improve the current CA-based system have come forward by Internet and security experts in the past 12 months, but there’s no consensus regarding which one offers the best solution.

In November 2011, security engineers from Google proposed an HTTP extension called “public key pinning” that would allow websites to effectively tell browsers via an HTTP header which certificate authorities should be trusted to issue SSL certificates for their domain names.

The browsers would then remember (pin) this information and refuse to establish the connection if they receive a certificate signed by a different CA in the future. A more static implementation of this system already exists in Google Chrome for particular domain names, including Google’s.

TACK is the same public key pinning concept, but instead of pinning CA public keys to particular domain names, it pins public keys generated by the domain owners themselves.

With TACK, the domain owner can generate a pair of private and public keys called TACK keys. The private key signs the server’s TLS public key, which browsers currently use to validate SSL certificates. The TACK public key then shares with connecting browsers and validates the TACK-signed TLS public key.

The browsers can pin a TACK public key to a domain name if they receive it from the server on several separate occasions. If an attacker attempts to use a rogue SSL certificate to spoof a secure connection to a domain name that already has a TACK key pinned to it, the browser will not authorize it because the TACK validation will fail.

Leave a Reply

You must be logged in to post a comment.