New Zealand SIS Only Uses SSL To Protect Public Informants’ Privacy

UPDATE 2011-08-26: I stand corrected. Here’s what Peter Gutmann said when asked whether SSL provides sufficient protection for NZSIS’ tip-off form (note: “phone them” refers to NZSIS’ existing public tip-off telephone number): “It depends what the threat model is. Given that the alternative is to phone them, that I can’t imagine anyone caring about intercepting random comments by random members of the public, and that 99.9% of said members of the public won’t be able to deal with anything more complex than that, it’s probably good enough.” That makes sense. More sense than me highlighting an attack that is theoretically possible but of which the cost outweighs the benefit in real life — in nearly all, if not all, real-life scenarios.

UPDATE 2011-08-25: it appears that NZSIS removed the PGP key [2] from the source of https://providinginformation.nzsis.govt.nz/vwi/.

UPDATE 2011-08-21: As areopagita stated in a comment below (thx!), the Soghoian/Stamm attack is indeed independent of the issuer; I only focus on a specific scenario here. Perhaps the following provides some clarification. Internet Explorer and Firefox are distributed with a root certificate of the Dutch govt, “Staat der Nederlanden”, installed by default (check your browser!). The Dutch govt might ask, coerce or compromise a New Zealand ISP to redirect providinginformation.nzsis.govt.nz to an IP address under Dutch govt control, and then, via a self-issued SSL-certificate for providinginformation.nzsis.govt.nz, see whatever is sent via the tip-off form; and perhaps even decide not to relay it to NZSIS. The fact that the Dutch govt (or Verisign, or etc.) can issue an SSL-cert that is automatically trusted by the browsers used to provide security tip-offs to New Zealand’s intelligence service to me seems a practical risk for both NZSIS and informants. If you have an opinion about this, please comment! I informed NZSIS about this post.
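The trust decision described above, modelled as an added example (not code from this post, the paper [1] or NZSIS): default browser validation accepts a certificate for the hostname from any root in the trust store, while a trust-on-first-use pin on issuer and key flags the switch. The `Cert` model, the `PinStore` class, the two-entry trust store and the key bytes are constructed for illustration.

```python
import hashlib
from dataclasses import dataclass

@dataclass(frozen=True)
class Cert:
    subject: str         # hostname the certificate is issued for
    issuer: str          # name of the issuing root CA
    issuer_country: str  # country of the issuing CA
    public_key: bytes    # stand-in for the certificate's public key bytes

    def key_pin(self) -> str:
        return hashlib.sha256(self.public_key).hexdigest()

# Constructed sample trust store: every root in it is trusted equally.
TRUST_STORE = {"VeriSign", "Staat der Nederlanden"}

def browser_accepts(cert: Cert, hostname: str) -> bool:
    """Default logic: any trusted root may vouch for any hostname."""
    return cert.subject == hostname and cert.issuer in TRUST_STORE

class PinStore:
    """Trust-on-first-use: remember issuer and key per host, flag changes."""
    def __init__(self):
        self._pins = {}

    def check(self, cert: Cert, hostname: str) -> list:
        if not browser_accepts(cert, hostname):
            return ["untrusted"]
        seen = self._pins.setdefault(hostname, cert)  # first sighting is pinned
        warnings = []
        if seen.key_pin() != cert.key_pin():
            warnings.append("key-changed")
        if seen.issuer != cert.issuer:
            warnings.append("issuer-changed")
        if seen.issuer_country != cert.issuer_country:
            warnings.append("issuer-country-changed")
        return warnings

HOST = "providinginformation.nzsis.govt.nz"
# Constructed certificates; the key bytes are placeholders, not real keys.
GENUINE = Cert(HOST, "VeriSign", "US", b"constructed-key-A")
SUBSTITUTE = Cert(HOST, "Staat der Nederlanden", "NL", b"constructed-key-B")

def demo():
    store = PinStore()
    first = store.check(GENUINE, HOST)      # pinned on first use
    later = store.check(SUBSTITUTE, HOST)   # passes the browser check, fails the pin
    return browser_accepts(SUBSTITUTE, HOST), first, later

if __name__ == "__main__":
    print(demo())
```

A pin of this kind only helps if the first connection was not itself intercepted, and a key change alone (same issuer) also occurs on ordinary certificate renewal.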

====== START OF ORIGINAL BLOGPOST FROM 2011-08-19 ======

Via IntelNews.org I learned that the New Zealand Security Intelligence Service (NZSIS) opened up a public tip-off form at providinginformation.nzsis.govt.nz. The form is protected by SSL (Verisign-issued certificate), but due to the attack explained in [1], I believe SSL offers an unacceptably low level of privacy protection to New Zealand’s public informants. The actual form is loaded in an IFRAME, and its source contains a (public) PGP key [2] — but it can’t be trusted to be authentic, because it’s sent over what should be assumed to be an insecure channel. I decided to submit an obviously nonsensical test-tip while Firebugging my connection, and lo and behold: the information I entered is HTTP POST’d via XMLHttpRequest in unencrypted-by-PGP form in the Aviarc.datasets variable. So basically, if you submit a tip, the only protection you have is the Verisign-signed SSL cert. It’s not for me to decide, but I’d personally rather not take that risk when tipping off NZSIS about, e.g., presence of, hypothetically, US spies in New Zealand. Does New Zealand really have such urgency for public tip-offs that this insufficient level of protection of informants is considered acceptable for now?

[1] Christopher Soghoian and Sid Stamm, Certified Lies: Detecting and Defeating Government Interception Attacks Against SSL (.pdf), presented at HotPETS 2010, Berlin

[2] The PGP key (4096 bit RSA, created 2011-07-19, never expires).

4 thoughts on “New Zealand SIS Only Uses SSL To Protect Public Informants’ Privacy”

  1. I think you are mostly wrong, Verizon only signs NZSIS public key, they never have access to private key and thus never can decrypt the data you exchange with their web.

    Also attack described in Christopher Soghoian and Sid Stamm’s paper affects any SSL and has no relation with which is the original issuer.

  2. @areopagita: You’re welcome, thanks for your comments. I apologize for the N>5 mails you probably received from Google because I did N>5 updates to my own comment here. That’s an ADHD-style #FAIL on my behalf 🙂

  3. Hi there Matthijs.

    I’m going about this in a backwards way, but I was unsure of how to contact you.

    I’m a staff writer at the IAPP, an association for members of the privacy profession. We reported on your recent research on the Google profiles database. I’m working on creating a compilation of ongoing privacy research projects for the next edition of our member newsletter, the Privacy Advisor. I wondered if, besides your findings on the profiles database, you’re working on any new privacy research–or have plans to work on new privacy research–that we could tell our readers about? It doesn’t have to be conclusive research for us to report on it, we just want our readers to know what kind of research projects are or will be ongoing. If so, I could e-mail you some questions or we could chat on the phone, whichever is easiest. I can be reached at .

    Thanks for considering!
