A serious security flaw has been discovered in Cyberoam Deep Packet Inspection (DPI) devices, which Cyberoam uses to intercept SSL traffic. The device functions in a simple manner. It cloaks its presence by forcing users to install a fake CA in their browsers, and then uses this CA to issue fake certificates for websites. Such a certificate contains a public key and is quite easy to spoof; furthermore, the user’s consent to install the CA certificate is what makes the handshake possible. Cyberoam is extremely popular in corporate organizations, educational institutions and government agencies for varied reasons, ranging from blocking access to websites to spying on users.
Cyberoam subverts the original CA and plants its own faux CA instead. But what are the implications of this? A Tor user in Jordan has found something interesting. Cyberoam uses the same fake CA across all devices, but the problem with their implementation is that there is no per-device intermediate key signed by that CA. Thus, all Cyberoam devices share the same private key, and this opens a wide array of possibilities for tinkerers.
But the worst part is yet to come. The key from one device can be extracted and used to intercept traffic from any other Cyberoam client. This is embarrassing for Cyberoam, and it has not responded publicly on this matter yet.
The Tor media page reports this, saying,
“It is therefore possible to intercept traffic from any victim of a Cyberoam device with any other Cyberoam device – or, indeed, to extract the key from the device and import it into other DPI devices, and use those for interception. Perhaps ones from more competent vendors.”
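The defensive counterpart to the problem described above is certificate pinning: a client that compares the issuer and fingerprint it is shown against values recorded from an uninterfered vantage point will notice a certificate minted by a locally planted DPI CA, even though the browser's trust store accepts it. The following is an added example written for this article, not code from Cyberoam or from the Tor project; the host, issuer names, DER bytes and pins are constructed placeholders, and `fetch_and_audit` is a hypothetical live wrapper around the same check.

```python
import hashlib
import socket
import ssl

# Constructed placeholder standing in for the DER bytes of the genuine leaf
# certificate as recorded from outside the intercepting network.
GENUINE_DER = b"constructed-placeholder-for-genuine-leaf-der"

# Per-host pins: the issuer CN expected from an uninterfered vantage point and
# the SHA-256 fingerprint(s) of the genuine leaf DER. Constructed, not real pins.
PINS = {
    "example.com": {
        "issuer_cn": "Example Public CA",
        "leaf_sha256": {hashlib.sha256(GENUINE_DER).hexdigest()},
    }
}

def _cn(name):
    """Pull the commonName out of the nested-tuple form ssl.getpeercert() uses."""
    for rdn in name:
        for key, value in rdn:
            if key == "commonName":
                return value
    return None

def audit_peer_cert(host, cert, der=None):
    """Return findings for the certificate `cert` (an ssl.getpeercert() dict)
    presented for `host`; `der` is its DER encoding when available."""
    findings = []
    pin = PINS.get(host)
    issuer_cn = _cn(cert.get("issuer", ()))
    subject_cn = _cn(cert.get("subject", ()))
    if issuer_cn == subject_cn:
        findings.append("leaf certificate is self-signed")
    if pin and issuer_cn != pin["issuer_cn"]:
        findings.append(f"issuer {issuer_cn!r} is not the pinned {pin['issuer_cn']!r}")
    if pin and der is not None:
        if hashlib.sha256(der).hexdigest() not in pin["leaf_sha256"]:
            findings.append("leaf fingerprint does not match the pinned value")
    return findings

def fetch_and_audit(host, port=443, timeout=5):
    """Live check: connect using the local trust store (exactly what a planted
    CA subverts), then audit the certificate that trust store accepted."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return audit_peer_cert(host, tls.getpeercert(), tls.getpeercert(True))
```

An empty findings list means the presented certificate matches the pinned issuer and fingerprint; any other result is worth investigating, since a DPI box with a shared CA key can produce a chain that validates without error.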