Thursday, March 31, 2011

Comodo Says Two more CAs Compromised

Officials at Comodo have acknowledged that two more registration authorities affiliated with the company have been compromised in the wake of the high-profile attack on the company that was disclosed last week. However, no forged certificates were issued as a result of the new attacks.

In a message on a discussion thread set up after the original attack on a Comodo registration authority, Robin Alden, CTO of Comodo, said that the company has discovered two fresh compromises of its affiliated RAs during the investigation into the first attack. Alden did not furnish any other details about the new compromises.

"Two further RA accounts have since been compromised and had RA privileges withdrawn. No further mis-issued certificates have resulted from those compromises," Alden said in the message about the new RA compromises.

Addressing a list of concerns about Comodo's practices raised by customers and browser vendors in the wake of the attack, Alden said that the company is now in the process of rolling out a new two-factor authentication system for its RAs. Comodo also is installing other security measures as a result of the attack.

"We are rolling out improved authentication for all RA accounts. We are implementing both IP address restriction and hardware based two-factor authentication. The rollout of two-factor tokens is in progress but will take another couple of weeks to complete. Until that process is complete Comodo will review 100% of all RA validation work before issuing any certificate," Alden wrote.

The technical details of the attack on an RA affiliated with Comodo earlier this month are still unclear, although officials have said that the attacker went in through the account of one of its RAs and then was able to use that account to issue himself fraudulent certificates for a number of sites belonging to Google, Mozilla, Skype and Yahoo.

Someone claiming to be the attacker responsible for the Comodo compromise has posted several messages to Pastebin with the purported details of the attack. And on Monday the same person also posted the forged certificate for Mozilla that he issued himself, as well as the private key for the certificate. Alden said in the message on the Mozilla discussion thread that Comodo has determined that neither the company's hardware security module (HSM) nor its private key material were compromised in the original or subsequent attacks.

After the initial attack on Comodo became public, Mozilla officials called on Comodo to stop issuing certificates to RAs directly from the root that the company maintains. Alden said that the company is in the process of moving to that model. "We understand Mozilla's request that we move to having a separate sub_CA certificate per RA. Currently many of our end entity certificates are issued from RA-specific sub-CAs but some (like this incident) are not. As a short-term measure we will move towards issuing all certificates from sub-CAs. Initially some of these will be Comodo-branded and there will not be a 1:1 match between RAs and sub-CAs, but we think this will give Mozilla the flexibility they seek in this regard. In the slightly longer term we will move to a sub-CA per RA," Alden said.