Thursday, October 13, 2011

Possible alternative to CA hierarchy

Convergence. If you didn't hear about it before, don't worry - so did(n't) we. This is a new invention presented on a conference just a couple of months ago. It aims to make MITM (man-in-the-middle) attacks, which are necessary to make use of the fake SSL certificate, useless. How does it do this?

MITM attack is local, i.e. it can affect usually a limited number of clients. Other clients (in other areas of the world) are not affected. So if our client calls other clients (called notaries here) and asks "do you see what I see?" (i.e. do you get the same certificate from that site), it ensures that the certificate is authentic OR it detects MITM attack. Of course, there exist some technical complexities here, but they are just minor details.

Convergence is a good case of proper use of peer-to-peer technologies, which makes complex (and expensive) CAs completely unnecessary.

The only question left is "who will guard the guards". If MITM can fake server's certificate, how do you ensure that notary's response to your request has not been forged? MITM attacker will quickly pay attention to forging notaries' certificates as well and producing valid response. So the large number of notaries is required, with possibility to switch them on the fly for each new request which needs validating.

Read more details about Convergence on Convergence homepage