104

Why do people trust companies in countries with big surveillance programs like the US?

Many US Certificate Authorities secure the web for live SSL/TLS connections. Still, a NSL would be enough for the government to gain the right to intercept the traffic legally. So why does anybody even assume that US CAs are remotely private?

Why do big companies and other (illegal) organizations where privacy is a big factor not fully use CAs from countries with strict privacy laws like Switzerland or Sweden?

gerrit
  • 1,829
  • 1
  • 17
  • 26
Richard R. Matthews
  • 1,139
  • 2
  • 9
  • 13
  • 21
    *"... a NSL would be enough for the government to gain the right to intercept the traffic legally"* - could you explain in more detail how exactly a NSL against a CA would help in your opinion to intercept what kind of traffic? *"countries with strict privacy laws"* - could you please explain how privacy laws will help in this case? Do you believe that states with stricter privacy laws don't intercept communication in criminal cases? *"US Certificate Authorities?"* - why do you single out US?. Browsers trust CA from China, Turkey etc too. – Steffen Ullrich Nov 06 '17 at 06:20
  • 6
    @SteffenUllrich: China, the US and Turkey are all examples of countries that have extrajudicial powers for communication interception. But not all countries work this way. See also [Mozilla vs the Netherlands](https://www.theregister.co.uk/2017/10/30/mozilla_mistrust_dutch_ca/) which is a boundary case (3 man oversight panel, only 2 of which are actual judges). And it's probably no coincidence that you named the two countries whose CA's I have explicitly distrusted. – MSalters Nov 06 '17 at 10:06
  • I would like to see some comment in the answers, why companies should not use other CAs to allow users to distrust US CAs. Some of the answers fall short of this, by just saying every CA you trust could be the bad one. Of course, just one rogue CA is required for a malicious certificate, but if all big sites would use CAs in legislations which can be trusted with regard to government requests, more users could stop accepting certficates from CAs which may be obliged to do bad things. – allo Nov 06 '17 at 15:47
  • I wanted to say the SSL/TLS traffic which is authenticated with the CA signed by the CA which would be vulnerable to MITM attack . – Richard R. Matthews Nov 06 '17 at 15:57
  • And I just took the US as an example for a country with bad privacy laws . that does not mean I would trust the US or Turkey . – Richard R. Matthews Nov 06 '17 at 15:59
  • 14
    Related: [Can a nation-state adversary perform a MITM attack by compelling a CA to issue them with fake certs?](https://security.stackexchange.com/q/38199/29865) – Ajedi32 Nov 06 '17 at 16:45
  • 17
    Every single nation-state is willing to spy on people if it is in the interest of national security. There are no countries that fully respect privacy, and don't have some kind of surveillance program. – Daniel Grover Nov 06 '17 at 21:45
  • 9
    The US or companies based on the US runs 10 out of 13 DNS root servers; all three major of the Root Certificate Program and browser vendors (Google, Mozilla, Microsoft) are US-based; the OS vendors (Microsoft, Apple) are US company. Symantec, a US-based company, is the true owner of many major CAs. If you don't trust the US, you're kinda screwed. So let's just use Tor to secure ourselves against the US, but oh no, Tor is a US Government Navy Project. – Lie Ryan Nov 07 '17 at 12:56
  • @Damon yes, if the public keys are sent over a secure channel. If they aren't there is nothing stopping someone in the middle from replacing them. Or replacing the software you get/update/whatever in order to generate the keys in the first place. Actually "boring news about peoples private lives" on facebook et.c. can be a gold mine for advertisers. – mathreadler Nov 09 '17 at 07:51

3 Answers3

92

Why do big companies (...) not fully use CAs from countries with strict privacy laws like Switzerland or Sweden?

Because any CA can issue a certificate for any domain anyway (with some caveats).

If your ISP wanted to intercept all your future connections to https://example.com/ by exchanging its certificate with a rogue one, they wouldn't have to ask the original issuer of the certificate for help. They just needed to get any issuer in your local root certificate store to issue the certificate, and your browser would accept it as valid (you'd see the green lock icon and not be aware of the attack without examining the certificate).

So switching to a more reliable CA wouldn't help the site owner a whole lot against a government actor. (If you personally distrust some CAs, you could also revoke their trust locally in your root cert store.)

Instead, what a site owner can do is use certificate / public key pinning. E.g., a website can send a HPKP header to announce hashes of public keys that must be part of the certificate chain when connecting to the site. If a site has implemented HPKP correctly and your browser is aware of the pins (either by having seen the header before or by preloading), a rogue certificate would be rejected by the browser even if it was issued by a trusted CA because the attacker (or any CA) can't produce one whose fingerprint matches the pin.

Arminius
  • 43,922
  • 13
  • 140
  • 136
  • 7
    Forged certificates would eventually be discovered, which would quickly get the CA un-trusted. – Spencer Joplin Nov 06 '17 at 05:29
  • 19
    @SpencerJoplin Eventually. A lot of damage can be done in the meantime. Look at the DigiNotar incident. https://en.wikipedia.org/wiki/DigiNotar – Martin York Nov 06 '17 at 07:11
  • 37
    Google is abandroning HPKP: https://www.theregister.co.uk/2017/10/30/google_hpkp/ – J-16 SDiZ Nov 06 '17 at 08:21
  • 1
    @J-16SDiZL Google is a US compnay and subject to NSL's too. You can't specifically blame the current US administration, but in general US companies can only be trusted as much as you trust the US government. Still, that maximum possible trust obviously dropped a few notches over the last year. – MSalters Nov 06 '17 at 10:10
  • 12
    @J-16SDiZ - Google are indeed abandoning HPKP because it's typical google, take something poorly implemented, whack it into production and then force everyone else to follow you. That said Certificate Transparency should replace it and do a much better job. – James Snell Nov 06 '17 at 11:26
  • 3
    Note that CAA has reduced the ability of CAs to arbitrarily issue certificates for anything https://en.wikipedia.org/wiki/DNS_Certification_Authority_Authorization. Perhaps this can be incorporated into the answer in some meaningful way. – Sander Nov 06 '17 at 14:20
  • 4
    @Sander CAA is irrelevant for rogue CAs, since browsers don't enforce it. (And that's by design.) – Ajedi32 Nov 06 '17 at 16:47
  • 1
    @Ajedi32 "(And that's by design.)" - why? Without DNSSEC it seems that it doesn't get attacker any foothold (if they can MiTM browser and gain fraudulent cert they need to also intercept DNS) and there is no additional privacy information leaking (as domain name is already leaked by DNS). So it seems that it makes attacker life net harder. – Maciej Piechotka Nov 06 '17 at 18:18
  • 1
    @MaciejPiechotka Well, like you said, without DNSSEC it'd just be pointless security theater. Any attacker who can obtain a cert from a trusted CA and use it to carry out a MITM attack is also capable of MITMing DNS. There are also potential problems with networks blocking access to non-standard DNS resource types (see https://www.imperialviolet.org/2015/01/17/notdane.html) which would make CAA records difficult for browsers to reliably enforce even if they wanted to. There are more reasons too, but there's not enough space for me to explain them all in this comment. – Ajedi32 Nov 06 '17 at 19:31
  • 2
    This neglects the main question: "Why do we trust CAs from certain countries?" If no US CA were trusted, then it wouldn't help if a US CA had signed a "rogue" cert. – jpaugh Nov 08 '17 at 21:51
26

A CA's role in the PKI is verifying identity. A CA never possess the private key of the certificate they're signing (as long as you use the standard procedure where you generate the key and CSR, instead of the easy but insecure procedure where the CA generated the private key for you), so the CA doesn't have the technical capability of intercepting communications that uses a certificate issued by them.

What a rogue CA can do, on the other hand, is issue fraudulent certificate that can be used by a rogue intelligence agencies, to impersonate a target site. This can allow them to MITM, but still wouldn't allow them to intercept communications that were established using the genuine certificate. Note that under this model, it doesn't really matter what CA is compromised, any CA can issue certificates that would be accepted by most users (barring key pinning and the likes), even if the CA doesn't have a business relationship with the target site. To protect against this, it's on the user, not the site owners, to remove CAs they don't trust from their certificate store, because it's the user's browser that verifies a certificate.

In other words, even if you use a trusted CA, that still wouldn't protect anyone if your user's browser is configured to trust a rogue CA.

Lie Ryan
  • 31,089
  • 6
  • 68
  • 93
  • 3
    Your last sentence suggests that the question should be "Why does the trusted CA list include US CAs?" – Barmar Nov 06 '17 at 22:44
  • @Barmar: as to the question of why a US based CA is included in the default trust list, the answer is easy, any CA that want to be included in the default trust list need to satisfy the CA/B Baseline requirements, additional requirements for the class of certificate (DV, OV, EV) they were allowed to issue, and to follow the browser vendor's procedures. If you are aware of any specific points where a certain US-based CA fails to meet the CA/B criteria but still included in the default trust list, you can bring that up as a specific question. – Lie Ryan Nov 07 '17 at 01:55
  • I'm just relating it to the concerns that the OP has, regarding US privacy laws. – Barmar Nov 07 '17 at 02:34
5

Still, a NSL would be enough for the government to gain the right to intercept the traffic legally.

Not quite enough. And it's not a problem of US only. I think there is some background confusion in the question, so I will be expanding a lot on the government security topic. Please remember that CAs only assess the ownership of a domain, releasing a certificates that makes your browser trust that the public key used in SSL encryption is the key owned by the rightful owner, or on the opposite that no one owning (better pwning) the communication channel from within the middle is spoofing traffic.

CAs do not secure the web, but they rather help make the web a more secure place, which means they play only a role in a complex show. They issue the equivalent of a passport to websites. So an NSL is not sufficient to intercept traffic, and most importantly we need to analyze what a government may or may not do to to intercept traffic.

First, why do we trust many CAs from USA? It is a historical/market reason. US market has grown rapidly in the hi-tech in the 90s-2000s, so it's just that plenties of companies grew to size and reliability to become trusted by browser makers (not to mention that most of them are US-based as well).

Second, what technical power does the CA to sniff or let someone sniff traffic? Since CAs do not own the private key, repeat they do not have technical power or backdoor to grab the secret key, the most they can do is to issue a certificate to a rogue entity who at the same time controls the networking infrastructure at some point between target user and site. If for example the rogue entity is a cloud provider, they have full control over all channels, while if the rogue entity is a consumer ISP they will only get traffic from their customers.

So what can actually a government do with a gag order?

That depends on location. Expect that government of France has little power to issue a gag order to sniff traffic directed to service service under investigation run by a French individual mainly serving customers from Russia using a server hosted in USA and protected by a CA based in Israel. I made the example widely complicated, because French government (replace any country name for sake of Frenchmen honorability):

  • May not have jurisdiction over Israeli CA, but has power over French CAs
  • May not have jurisdiction over the Russian ISPs
  • May not have jurisdiction over USA cloud providers

May is ironic in such a case.

From what government are we safe?

I think this one is the key of the question, in my opinion the reason behind the whole original question. The OP provides Sweden as an example of a country with strict privacy regulation that prevents wiretapping from happening. I personally don't know Sweden regulation but my answer can be applied to any government. I am basically say that any government has power to coherce local entities (may be companies or citizens) to do action that is unwanted from them. But they may or may not have jurisdiction over foreign entities. A CA in Sweden would suffer the same threat should Swedish government start an investigation requiring wiretapping. European Union could even be the worst place for jurisdiction independence, as EU members are notably increasing their cooperation agreements. But that's another, geopolitical, story.

If the NSA did historically abuse their power to wiretap - which is legitimate when scoped to inviduals involved in serious criminal investigation and regulated by specific acts - by actually wiretapping everyone, is not part of regulatory environment. A court order is something we assume to be always acceptable. NSA was considered to be rogue by many US citizen themselves due to the impact the #datagate scandal had in the US as well

Case study: Autistici/Inventati, when you won't bother CA with a gag order

There should be plenties of similar case in history but I will detailfully describe a case occurred years ago (2004-2005) that I remember well.

Autistici/Inventati ran a public mail service designed to protect privacy of customers, in the era before Gmail reported emails received without TLS protection. This service was based in Italy serving customers from Italy. It was hosted at Aruba data center, an Italian cloud provider, on a dedicated server.

A customer of Autistici was under investigation and his mail was to be wiretapped. Italian prosecutor, considering that Autistici email provider was a self-proclaimed collective, e.g. not a commercial liable company, suspecting they had sympathy, direct involvement or intention to reveal the gag order to the party under investigation, convinced court to order Aruba cloud provider to do the following:

  1. Shut down the server to allow technicians to grab the SSL private key from server disk
  2. Lie to the customer claiming the downtime was due to a fuse break in the power cord
  3. Restore the server to operation without sharing details about the fact to anyone
  4. Provide wiretap records from the network interface

By regulation, lawsuit acts are public once investigation is over, so when the raid documentation was declassified, after a year, it was discovered that the police had then the power to read all mails at Autistici server.

One year ago the authorities (i.e. the postal police), during the investigation that led to the suspension of an email account (croceneraanarchica-at-inventati.org), shut down our server without any notice, and copied the keys necessary for the decryption of the webmail. Since then, they potentially had access to all the data on the disks, including sensible information about our users. This happened with the collaboration of Aruba, our provider.

When we noticed that the server was unreachable we repeatedly called the Aruba web farm, asking for an explanation. They made up silly excuses about technical problems, deciding that their clients, their contracts and the rights of our users weren't worth a single phone call to the server legal owners. They lied and totally disrespected even the most basic rights and the privacy of those utilising their services..

Some details here, but I have read the full story about the plug cord elsewhere. This demonstrates that CAs are not necessarily the easiest target for a gag order.

And finally, the blockchain solution

Although not part of the question, here is the proposed solution to solve the legal accountability issues of CAs.

Since the same Google is aware of the issue of rogue certificates (consider that USA, Russia and China have their own commercial CAs), they have been already researching on using the blockchain to secure the issue and revocation of SSL certificates. What blockchain basically do is to provide evidence that cannot be altered by the act of a single entity not controlling the vast majority of the infrastructure.

Here are some sources:

Community
  • 1
usr-local-ΕΨΗΕΛΩΝ
  • 5,310
  • 2
  • 17
  • 35
  • 2
    Swede here with some color; our NSA (FRA; roughly Military Signal Intelligence Agency) has the legal right to tap and analyze any traffic that crosses the border to prevent against "foreign threats", and they have persistent taps with the backbone to make this possible. I don't think they store everything, nor that they are in a position to change the data (only collect a copy of it), but knowing what we do, the proposition that we are inoculated against it is absurd. We may not be the worst-faith actor, but this capability was passed openly as a law in our parliament. – Jesper Nov 08 '17 at 13:36