Tavis Ormandy, one of Google Project Zero's most proficient security researchers, has identified two issues in the way Kaspersky security products inspect HTTPS traffic for web threats.
According to the researcher, the Kaspersky performs this operation by its root certificate (Kaspersky Anti-Virus Personal Root) as a trusted certificate authority (CA) in the operating system's authorized certificate store.
Every time users access a web resource hosted via HTTPS, Kaspersky security software proxies all SSL connections and deploys its own (leaf) certificates to scan the incoming connections for any threats.
This way traffic is still encrypted, but certificates appear to be issued by Kaspersky's root certificate.
Here's where Ormandy discovered the first problem. The researcher says that Kaspersky uses the first 32 bits of a real certificate's MD5 hash as the key for the cloned leaf certificate.
When users (re-)access HTTPS resources, the antivirus searches for this MD5 signature and reuses the same cloned leaf certificate.
"You don't have to be a cryptographer to understand a 32bit key is not enough to prevent brute-forcing a collision in seconds. In fact, producing a collision with any other certificate is trivial," Ormandy explained in a bug report made public yesterday.
In a real-world example, Ormandy says that the 32bit key of certificates for the sites HackerNews (news.ycombinator.com) and the portal of Manchester, Connecticut (manchesterct.gov) are the same.
Ormandy reveals that this bug broke HTTPS connections for many Kaspersky users, who were unable to access secure websites, or the website downgraded to using HTTP instead.
The second bug Ormandy discovered relates to the private key file of the root certificate Kaspersky adds to each computer it's installed on.
Ormandy says that Kaspersky products used a weak mechanism to protect these crucial files.
The researcher says that, in theory, this allowed attackers with access to the system to alter the private key, become a trusted certificate authority, and deploy SSL certificates on the user's machine that they could use to intercept or start HTTPS connections.
Both bugs have been properly reported to Kaspersky's staff this fall. The company published updates for both on December 28. Users of Kaspersky antivirus software should make sure they run the most recent update.