French Treasury accidentally signs SSL certificates for Google domains

Google has revoked trust for a digital certificate for several of its domains that was apparently mistakenly signed by a French Government intermediate certificate authority (CA) as part of a security program for France’s Ministry of Treasury.

Google has called the intermediate CA’s action a “serious breach” and has made two key changes to its certificate revocation metadata in Chrome in the past week in response to its December 3 discovery of the unauthorised digital certificate.

Although an intermediate CA certificate looks much like a standard SSL certificate, it can also be used to sign further SSL certificates, which makes it a useful weapon for anyone who wants to launch a man-in-the-middle attack on a website’s users. As Google security engineer Adam Langley noted on Saturday: “Intermediate CA certificates carry the full authority of the CA, so anyone who has one can use it to create a certificate for any website they wish to impersonate.”

Google initially revoked trust for the intermediate CA, but the certificate turned out to be the product of a misguided effort to improve security within France’s Ministry of Finance, which used it to inspect encrypted traffic on a private network.

After discovering the unauthorised certificate, Google traced it to an intermediate CA that chained back to the Agence nationale de la sécurité des systèmes d’information (ANSSI), which is both a certificate authority and the agency responsible for protecting France’s government networks.

Langley explained that Google initially updated Chrome’s certificate revocation metadata to block the intermediate CA itself and then alerted ANSSI and other browser vendors. On Saturday, following an explanation from ANSSI, Google amended Chrome’s revocation metadata so that it blocks only the certificate ANSSI had asked to have revoked. ANSSI has asked other browser vendors to pull trust for the certificate too.

“ANSSI has found that the intermediate CA certificate was used in a commercial device, on a private network, to inspect encrypted traffic with the knowledge of the users on that network. This was a violation of their procedures and they have asked for the certificate in question to be revoked by browsers. We updated Chrome’s revocation metadata again to implement this,” wrote Langley.

ANSSI also released a statement on Saturday, putting the misuse of the digital certificate down to “human error” and promising it will not happen again.

“As a result of a human error which was made during a process aimed at strengthening the overall IT security of the French Ministry of Finance, digital certificates related to third-party domains which do not belong to the French administration have been signed by a certification authority of the DGTrésor (Treasury) which is attached to the IGC/A,” said ANSSI.

“The mistake has had no consequences on the overall network security, either for the French administration or the general public. The aforementioned branch of the IGC/A has been revoked preventively.”

Nonetheless, Langley pointed out that what the CA did was a “serious breach” and demonstrated why Google’s own Certificate Transparency (CT) initiative is needed. According to the CT project’s website, CT is an early warning system for SSL certificates that have been mistakenly issued by a CA or maliciously acquired from a rogue CA.

According to Moxie Marlinspike, the well-known security researcher and founder of Whisper Systems, Google detected the rogue certificate thanks to the “certificate pins” that ship with Chrome and are designed to flag bogus certificates.

“This compromise was detected by Google because they have hard-coded 'certificate pins' in Chrome which specify which CAs the browser should expect to see when connecting to Google,” wrote Marlinspike on THN.

“This type of 'pinning' is the only technique that we know of which has actually detected a CA-assisted MITM attack in the wild (a few times now). So it works really well, but only if you're running Chrome, and only if you're connecting to Google (or the few other pinned sites hardcoded in Chrome).”

While it does work, there are limitations to this method, he notes.

“It doesn't scale well because not every website can (or is willing to) hardcode their CA information in browser binaries, the pinned information has to expire at some point (otherwise you can never change your CA), sites are still vulnerable to their own CAs, and it only works in browsers which are willing to maintain this hardcoded list of pins in their client binaries.”
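The two mechanisms discussed above, the full signing authority of an intermediate CA and the pin check that caught the mis-issued certificate, as an added example that is not code from this article, from Google or from Chrome. The Go program below builds two in-memory certificate hierarchies: a trusted root and issuing CA for www.google.com, and a second trusted root standing in for IGC/A with a sub-CA standing in for the DGTrésor intermediate. It then issues a www.google.com certificate under each. Both chains pass ordinary path validation, because both roots are in the trust store, which is exactly the situation Langley describes; only the chain that contains a pinned public key passes the pin check. All CA names, keys and the pin set are constructed here for the example; Chrome’s built-in pins are likewise hashes of a SubjectPublicKeyInfo, and `spkiPin` uses the SHA-256 form that HPKP later standardised.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/base64"
	"fmt"
	"math/big"
	"time"
)

// issue creates a P-256 key and a certificate for name, signed by parent
// (or self-signed when parent is nil). CAs get the certSign key usage;
// leaves get a SAN and the serverAuth EKU. All certificates are constructed
// in memory for this example.
func issue(name string, isCA bool, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil { panic(err) }
	serial, _ := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 128))
	tmpl := &x509.Certificate{
		SerialNumber:          serial,
		Subject:               pkix.Name{CommonName: name},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		BasicConstraintsValid: true,
		IsCA:                  isCA,
		KeyUsage:              x509.KeyUsageDigitalSignature,
	}
	if isCA {
		tmpl.KeyUsage |= x509.KeyUsageCertSign
	} else {
		tmpl.DNSNames = []string{name}
		tmpl.ExtKeyUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}
	}
	signer, signerKey := tmpl, key
	if parent != nil {
		signer, signerKey = parent, parentKey
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, signer, &key.PublicKey, signerKey)
	if err != nil { panic(err) }
	cert, err := x509.ParseCertificate(der)
	if err != nil { panic(err) }
	return cert, key
}

// spkiPin hashes the certificate's SubjectPublicKeyInfo, the value a pin set
// stores. Pinning the key rather than the certificate survives renewal.
func spkiPin(c *x509.Certificate) string {
	sum := sha256.Sum256(c.RawSubjectPublicKeyInfo)
	return base64.StdEncoding.EncodeToString(sum[:])
}

// verifyChain runs ordinary path validation for host against roots, then
// requires that some certificate in the validated chain carries a pinned key.
// It returns (pathValid, pinMatched).
func verifyChain(host string, leaf *x509.Certificate, inter []*x509.Certificate, roots *x509.CertPool, pins map[string]bool) (bool, bool) {
	ipool := x509.NewCertPool()
	for _, c := range inter { ipool.AddCert(c) }
	chains, err := leaf.Verify(x509.VerifyOptions{DNSName: host, Roots: roots, Intermediates: ipool})
	if err != nil { return false, false }
	for _, chain := range chains {
		for _, c := range chain {
			if pins[spkiPin(c)] { return true, true }
		}
	}
	return true, false
}

// Result holds the outcome of both checks for one chain.
type Result struct{ PathValid, PinMatched bool }

// RunScenario builds the two hypothetical hierarchies and checks a legitimate
// and a mis-issued www.google.com certificate against the same trust store.
func RunScenario() (legit, rogue Result) {
	gRoot, gRootKey := issue("Example Trusted Root", true, nil, nil)
	gInt, gIntKey := issue("Example Google Issuing CA", true, gRoot, gRootKey)
	legitLeaf, _ := issue("www.google.com", false, gInt, gIntKey)
	frRoot, frRootKey := issue("Example Government Root (stands in for IGC/A)", true, nil, nil)
	frInt, frIntKey := issue("Example Treasury Sub-CA (stands in for DGTresor)", true, frRoot, frRootKey)
	rogueLeaf, _ := issue("www.google.com", false, frInt, frIntKey) // the intermediate can sign for any name
	roots := x509.NewCertPool()
	roots.AddCert(gRoot)
	roots.AddCert(frRoot) // both roots are trusted, as in a real browser store
	pins := map[string]bool{spkiPin(gRoot): true, spkiPin(gInt): true} // hypothetical pin set for google.com
	legit.PathValid, legit.PinMatched = verifyChain("www.google.com", legitLeaf, []*x509.Certificate{gInt}, roots, pins)
	rogue.PathValid, rogue.PinMatched = verifyChain("www.google.com", rogueLeaf, []*x509.Certificate{frInt}, roots, pins)
	return legit, rogue
}

func main() {
	legit, rogue := RunScenario()
	fmt.Printf("legitimate chain: path valid=%v pin matched=%v\n", legit.PathValid, legit.PinMatched)
	fmt.Printf("mis-issued chain: path valid=%v pin matched=%v\n", rogue.PathValid, rogue.PinMatched)
}
```

Run it with `go run`. The mis-issued chain reports path valid but no pin match, which is the signal Chrome raised. Pinning the issuing CA’s key rather than the leaf’s is what lets the site operator renew leaf certificates without a browser update, but, as Marlinspike notes, the pin set must still expire eventually and does nothing against mis-issuance by the pinned CA itself.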

Stories by Liam Tung