How a spyware company made its way into Mozilla's certificate store and what came of it

    A genuine detective story has unfolded in recent months around DarkMatter, which applied to have its certification authority included in Mozilla's trusted root certificate store. The point is that this is not an ordinary company but a developer of "spyware" from the UAE, and it has previously been seen buying 0day exploits. In itself that is not a crime. Many companies, including Russian ones, develop hacking tools built on 0days and sell them, for example, to law enforcement agencies for extracting data from phones (forensics) or for the covert installation of trojans (operational surveillance). But the unwritten rule of the trade is that such firms cooperate only with democratic governments, that is, they stand "on the side of good".

    Passions flared in February 2019 when a Reuters investigation reported that DarkMatter was selling its software to repressive regimes in the Middle East.

    Mozilla instantly came under pressure.

    Mozilla's trusted root store is also used by a number of Linux distributions (it is the source of their ca-certificates packages). Many feared that, once in the Mozilla root store, DarkMatter could issue TLS certificates for any domain it liked, and such certificates can be used to intercept users' Internet traffic; a certificate from any trusted root is accepted for any name, so this is not a risk confined to sites that chose that CA. Such cases have already occurred in countries with repressive regimes, although DarkMatter says it has never taken part in such operations. And even if the problem seemed to affect only certain Linux systems for now, it is Linux that runs on the servers of cloud providers and in data centers. In the discussion on Google Groups (the mozilla.dev.security.policy list), DarkMatter representatives assured everyone that they had never intended to do anything of the kind.

    At the same time, DarkMatter's certificates came under close scrutiny, and an oddity was quickly found: the certificate serial numbers, which are supposed to be unpredictable, contained only 63 bits of random data instead of the 64 bits the specification requires. This violates the CA/Browser Forum Baseline Requirements, which demand at least 64 bits of output from a cryptographically secure random number generator in every serial number; the rule exists because an attacker who can predict a serial number can mount chosen-prefix collision attacks on the signature hash, as in the 2008 rogue MD5 CA. So Mozilla had formal grounds to refuse the "spies" inclusion in the trusted store.

    But it turned out that the same violation had been committed not only by DarkMatter but by about a dozen certification authorities, including GoDaddy, Apple and Google. The cause was that all of the affected CAs used the popular open-source PKI software EJBCA with its default 8-octet serial-number setting: EJBCA drew 64 random bits, but because a serial number must be a positive integer (RFC 5280) and had to fit in exactly 8 octets, the most significant bit was always zero, leaving only 63 bits of entropy. A mass revocation started with the leading CAs. Because of the huge number of certificates, the procedure took a long time (up to 30 days), which meant violating the CA/Browser Forum Baseline Requirements, which oblige a CA to revoke a non-compliant certificate within five days of discovering the problem (RFC 5280 itself defines the revocation mechanism but sets no such deadline). According to some estimates, several million certificates were revoked as a result.
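To make the serial-number issue concrete, here is an added example in Python (an illustration written for this article, not EJBCA's code or any CA's tooling). It reproduces both generation strategies, shows why the buggy one wanted exactly 8 octets (the DER INTEGER sign rule), parses serials in the format that `openssl x509 -noout -serial` prints, and runs the batch check that exposes the 63-bit pattern: if an issuer really draws 64 unbiased bits, bit 63 is set in about half of its serials, so a batch in which that bit is never set is suspicious. The sample serials are constructed with a seeded PRNG, and the 20-sample threshold is an arbitrary choice for this example, not a value from any standard.

```python
"""Serial-number entropy check for the 63-bit EJBCA defect.

Added example for this article; not EJBCA's or any CA's code.
Sample serials below are constructed, not taken from real certificates.
"""
import random
import secrets

MIN_RANDOM_BITS = 64  # CA/Browser Forum Baseline Requirements, section 7.1


def serial_63bit_buggy() -> int:
    """Reproduce the defect: draw 64 random bits, then clear the most
    significant bit so the value is positive and fits in exactly 8 octets.
    Only 63 bits of entropy survive."""
    return int.from_bytes(secrets.token_bytes(8), "big") & (2**63 - 1)


def serial_64bit_compliant() -> int:
    """Keep all 64 random bits. When the top bit is set the DER encoder adds
    a leading 0x00 octet, so the serial may occupy 9 octets, which is fine:
    RFC 5280 allows serials of up to 20 octets."""
    return int.from_bytes(secrets.token_bytes(8), "big")


def der_integer_content(value: int) -> bytes:
    """Content octets of a DER INTEGER for a positive value (RFC 5280 requires
    a positive serial): minimal big-endian encoding, with a 0x00 prefix
    whenever the first octet would otherwise be read as a sign bit."""
    if value <= 0:
        raise ValueError("serial must be a positive integer")
    raw = value.to_bytes((value.bit_length() + 7) // 8, "big")
    return b"\x00" + raw if raw[0] & 0x80 else raw


def parse_openssl_serial(line: str) -> int:
    """Parse one line in the form printed by `openssl x509 -noout -serial`."""
    key, sep, hexdigits = line.strip().partition("=")
    if key != "serial" or not sep:
        raise ValueError(f"not a serial line: {line!r}")
    return int(hexdigits, 16)


def audit_serials(serials, min_samples: int = 20) -> dict:
    """Fleet-level check for the 63-bit pattern.

    A single serial cannot show how much entropy went into it, but a batch
    from one issuer can: with 64 unbiased bits, each serial has bit 63 set
    with probability 1/2, so a batch of n serials in which that bit is never
    set arises by chance with probability 2**-n. `min_samples` is a threshold
    chosen for this example only."""
    serials = list(serials)
    n = len(serials)
    top_bit_set = sum(1 for s in serials if (s >> (MIN_RANDOM_BITS - 1)) & 1)
    return {
        "samples": n,
        "max_bits": max((s.bit_length() for s in serials), default=0),
        "top_bit_set": top_bit_set,
        "chance_if_compliant": 2.0 ** -n if top_bit_set == 0 else None,
        "suspect": n >= min_samples and top_bit_set == 0,
    }


def audit_lines(lines) -> dict:
    """Convenience wrapper: audit a list of `serial=...` lines."""
    return audit_serials(parse_openssl_serial(line) for line in lines)


# Constructed sample: 32 serials shaped like the buggy issuer's output
# (16 hex digits, top bit always clear). Seeded so the example is repeatable.
_rng = random.Random(2019)
SAMPLE_BUGGY = [f"serial={_rng.getrandbits(63):016X}" for _ in range(32)]
# Constructed sample from a compliant issuer: the same draw without masking.
SAMPLE_OK = [f"serial={_rng.getrandbits(64):016X}" for _ in range(32)]


if __name__ == "__main__":
    print("buggy issuer:     ", audit_lines(SAMPLE_BUGGY))
    print("compliant issuer: ", audit_lines(SAMPLE_OK))
    print("9-octet DER serial:", der_integer_content(2**63).hex())
```

On a real fleet, feed `audit_lines` the output of `openssl x509 -noout -serial` over certificates issued by one CA; a result with `suspect` set means the issuer is almost certainly clearing the top bit, which is exactly how the EJBCA pattern was spotted.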

    So the espionage company DarkMatter did a good deed after all: it helped uncover a serious cryptographic weakness. But it was hurt itself. In fact, the allegations of the Reuters investigation have no solid basis; perhaps they are merely a journalist's speculation. Nevertheless, its application for inclusion in Mozilla's trusted root store has already been rejected, which is why company representatives are sincerely outraged. And some agree with them.

    "Strange situation. On the one hand, denying DarkMatter's application on the basis of these press articles would set a precedent for refusing an apparently bona fide industry participant based only on rumors and without evidence," writes Nadim Kobeissi, a well-known security specialist. "On the other hand, if we decide to act in good faith, transparently and on factual evidence, we actually run a long-term risk of undermining public confidence in the CA inclusion process.

    It really seems to me that either decision will be harmful. In the first case it would look discriminatory (even a bit xenophobic)... and in the second, a serious cloud of uncertainty would hang over the security of the CA root store as a whole. And I don't even know how anyone could ever dispel it.

    As an outside observer, I sincerely do not know what Mozilla should do at this point...

    In fact, I would like to see serious evidence against DarkMatter published (if it exists). It would help Mozilla take a firm defensive position."

    According to experts in the SSL/PKI industry, the sudden mass revocation also demonstrates the important role of automation in managing a company's certificates: in practice, any of your certificates may be revoked at any time because of a critical event like this, and the only realistic defense is automated issuance and renewal (ACME or an equivalent CA API) together with monitoring of your own certificates' revocation status, rather than certificates installed by hand.

    It is one thing if it is a certificate on one server, but the problem becomes serious if hundreds of certificates on IoT devices are revoked at once. And if it is thousands of devices, or tens of thousands? To address this, GlobalSign entered into a technology partnership with Xage Security, which will deploy GlobalSign's IoT Identity Platform, an automated certificate management system capable of issuing 3,000 certificates per second.



    Developers and innovators in the Internet of Things: join today and manage all kinds of PKI-based IoT devices with GlobalSign solutions. Need more information? We are always happy to advise you by phone at +7 499-678-2210.


