IT Baseline Protection Manual - The Information Warfare Site

Threats Catalogue Deliberate Acts Remarks
____________________________________________________________________ .........................................
T 5.84 Forged certificates
The purpose of certificates is to link a public cryptographic code to a person.
The link of a code to the name of a person is then protected cryptographically
using the digital signature of a reliable neutral organisation. These certificates
are then used by a third person to check digital signatures of the person
identified in the certificate or to send this person data with the code recorded
in the certificate.
If such a certificate is forged, false signatures seem to be correct when
checked and are associated with the person in the certificate or data is encoded
and sent with a code which may be insecure. Both opportunities for attack
may induce a perpetrator to bring forged certificates into circulation.
Forged certificates can be produced in various ways:
- Internal perpetrators from the neutral organisation create a certificate with
false entries using their own signature code. This certificate is authentic
and is verified to be correct when tested.
- Perpetrators pretend to be someone else and demand a certificate which is
made out to this person, although the perpetrators are in possession of the
secret code which corresponds with the public code.
- Perpetrators produce a certificate and sign it with a code of their own. The
forgery is only noticed if the certificate is tested and it is possible to
determine that the certificate was made out by an unreliable organisation.
Once perpetrators have somehow got hold of a certificate with wrong entries,
they can pretend to be someone else when communicating with peers at any
time, both when sending and when receiving messages.
____________________________________________________________________ .........................................
IT-Baseline Protection Manual: Oktober 2000