Extended Validation Certificates and MITM Attacks

In light of a new man-in-the-middle type of attack unveiled this week at Black Hat D.C., VeriSign provides simple tips for end users and businesses.

The highlighted attack is the latest twist on the MITM attack, which relies on a user being fooled into going to the wrong Web site. What makes this attack different from previous MITM attacks is that the fraudulent site attempts to leverage false visual cues, namely replacing the fraudulent site's favicon with a padlock icon, which has traditionally been recognized as a visual cue to signify an SSL-protected site.

While this scheme is capable of reproducing the padlock, it is not capable of recreating the legitimate HTTPS indicator or the even more noticeable green glow in the address bar of high security Web browsers, where the site is secured with an Extended Validation SSL Certificate.

https://www.trailofbits.com/resources/ev_ssl_mitm_slides.pdf


A PDF article covering:

Introduction

  • SSL certificate authorities have been thoroughly broken in the last year or two
  • EV-SSL is often seen as a stronger assurance of site security
  • If SSL is bro ...

http://blog.trendmicro.com/trendlabs-security-intelligence/extended-validation-certificates-warning-against-mitm-attacks/


We believe that site owners adopting extended validation (EV) certificates can warn users about possible MITM attacks.

http://www.net-security.org/secworld.php?id=7087

https://blog.digicert.com/thwarting-man-middle/


Learn what man-in-the-middle attacks are and how you can prevent yourself and your users from becoming victims.
