Google appears to have caught the French finance ministry spying on its workers’ internet traffic by spoofing Google security certificates, judging from an episode that took place last week.
The web firm said in a blog post on Saturday that, on the preceding Tuesday, it had become aware of “unauthorized digital certificates for several Google domains.” It tracked the provenance of these certificates back to ANSSI, the French state information security agency, which in turn pointed to the Treasury as the culprit.
Browsers use such certificates to verify that a web service is what it says it is, and creating a fake certificate can allow an attacker to impersonate a service like Google, duping the user into handing over personal information. This is known as a man-in-the-middle attack – it’s been used by the NSA, and is probably that agency’s chief weapon in circumventing industry-standard TLS/SSL web encryption.
Certificates are issued by certificate authorities (CAs), which naturally need to demonstrate their trustworthiness. Highly trustworthy CAs are known as “root CAs” – ANSSI in this case – and there are also lower-grade “intermediate CAs” that are verified by root CAs so that the browser will accept their certificates.
Last week, Google spotted certificates purporting to belong to itself, but in reality issued to someone else by an intermediate CA. It immediately updated its Chrome browser to block that intermediate CA, then followed the chain of trust to identify the root CA, ANSSI. It informed ANSSI of what it had found, and also warned other browser vendors to block the intermediate CA.
What follows needs to be pieced together from Google and ANSSI’s respective statements. Google said ANSSI found the certificate had been used “in a commercial device, on a private network, to inspect encrypted traffic with the knowledge of the users on that network.” ANSSI said “human error… was made during a process aimed at strengthening the overall IT security of the French Ministry of Finance,” through which “digital certificates related to third-party domains which do not belong to the French administration have been signed by a certification authority of the DGTrésor (Treasury).”
If the French finance ministry was trying to strengthen its IT security, and that involved inspecting encrypted traffic with users’ knowledge, that suggests the Treasury was snooping on its own users’ internet usage – assuming that Treasury workers’ contracts state they may be monitored while surfing on Treasury networks.
Whatever the truth of the matter may be, ANSSI has now revoked the certification powers of the Treasury’s intermediate CA and is revising its overall certification processes “to make sure no incident of this kind will ever happen again.”
Google used the incident to push its campaign for certificate transparency, which would involve a new framework for auditing certificates in real-time. This would not be a bad thing: as this episode and others have demonstrated, certificates are the weak point in today’s online security set-up. If we can eliminate that flaw while extending encryption across the web, we will all be a lot more secure and much better protected against bulk surveillance.