The National Institute on Standards and Technology (NIST) and Venafi today announced publication of the NIST Information Technology Laboratory (ITL) bulletin entitled, "Preparing for and Responding to Certification Authority Compromise and Fraudulent Certificate Issuance." NIST released the ITL bulletin, which information-security experts at NIST and Venafi co-authored, to alert both government agencies and private-sector organizations to the risks of certificate authority (CA) compromises. The bulletin also offers guidance on how to prepare for and respond to a CA compromise that results in fraudulently issued security certificates.
Digital X.509 certificates have become the de-facto standard for ensuring online trust. Nearly all government and private-sector organizations use them broadly for Secure Sockets Layer (SSL), Transport Layer Security (TLS), and other security protocols. Large organizations may use thousands and even tens of thousands of certificates and encryption keys—issued from internal and external CAs—in their data centers, private clouds, and increasingly on mobile devices to authenticate systems and users and to encrypt communications. As a result, CAs, certificates, and private keys have become high-value targets for cybercriminals in search of sensitive government and corporate information.
In 2011, attackers successfully targeted several public certificate authorities and, in at least two of these incidents, the attackers successfully issued fraudulent certificates. An attacker who breaches a CA to generate and obtain fraudulent certificates does so to launch further attacks against organizations or individuals. Attackers can use fraudulent certificates to authenticate as other individuals or systems, or to forge digital signatures.
Responding to a CA compromise may entail replacing all user or device certificates, or trust anchors from the compromised CA. If an organization is not prepared with an inventory of certificate locations and owners, it will not be able to respond quickly and may experience significant interruption in its operations for an extended period of time. To avoid this, organizations must establish CA-compromise preparation and response plans.
“Certificate authorities have increasingly become targets for sophisticated cyberattacks, particularly as the use of digital certificates for Secure Sockets Layer (SSL) has become widespread,” bulletin co-author William Polk of NIST’s Computer Security Division noted. “Recent attacks on CAs make it imperative that organizations are prepared to respond to CA compromises and the issuance of fraudulent certificates. This bulletin was published to provide organizations with practical guidance and proven best practices, which they can implement right away to minimize risk and damages should a CA compromise occur.”
"Because certificates are typically installed and managed by individual administrators in disparate departments, most organizations and executives are not aware of their dependence on certificates for security. Nor are they aware of the significant disruption to business operations that would result if they had to replace all affected certificates following a CA compromise,” said Paul Turner, vice president of products and strategy at Venafi. “The goal of this paper is to provide clear, easy to follow steps and procedures to prepare for and respond to a CA compromise. If enterprises are not prepared to respond to a CA compromise, they have overlooked business continuity planning that could prevent extended downtime for a majority of their applications and systems.”
Understanding Compromises, Incident Response and Best Practices
NIST and Venafi provide several important steps organizations should implement to prepare for a CA compromise:
- Secure your certificate authority or authorities
- Establish an inventory of all certificates in your environment and identify owners and other data (such as location and issuing CA) for these certificates
- Document all certificate expiration dates, encryption algorithms, and key lengths
- Establish an inventory of all trust anchors (CA root certificates used to validate user and device certificates) and identify owners and other data for these trust anchors
- Remove all trust anchors that should not be trusted
- Identify or document the procedures to replace each certificate
- Identify backup sources for rapidly acquiring new certificates with appropriate policies
For applications that have public key certificates of their own, procurement requirements should ensure that CA-independent mechanisms exist for obtaining new system and application certificates
To download the full July 2012 NIST ITL Security Bulletin go to http://csrc.nist.gov/publications/PubsITLSB.html
Founded in 1901 and now part of the U.S. Department of Commerce, NIST is one of the nation's oldest physical science laboratories. Congress established the agency to remove a major handicap to U.S. industrial competitiveness at the time—a second-rate measurement infrastructure that lagged behind the capabilities of England, Germany, and other economic rivals. Today, NIST measurements support the smallest of technologies—nanoscale devices so tiny that tens of thousands can fit on the end of a single human hair—to the largest and most complex of human-made creations, from earthquake-resistant skyscrapers to wide-body jetliners to global communications networks. We invite you to explore our website to learn about our current projects, to find out how you can work with us, or to make use of our products and services.
As one of the major research components of the National Institute of Standards and Technology, the Information Technology Laboratory (ITL) has the broad mission to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology through research and development in information technology, mathematics, and statistics.