INV-002
illusoryTLS
Nobody but us: one poisoned certificate against the entire trust architecture
A Pwnshow Investigation · 2014–2015 · Status: completed · Programs: Investigations

1. The question
The Web’s trust rests on a certificate store: a few hundred Certification Authority certificates that browsers and servers treat as axioms. INV-002 asks what one corrupted axiom does to everything built on it — specifically, whether a single CA certificate carrying a secretly embedded backdoor can be made indistinguishable from an honest one, and what its mere presence does to the security of the whole X.509 Public Key Infrastructure. It is the trust-architecture instance of the series’ recurring finding: systems fail at the component everyone assumed was trustworthy. The lesson it isolated here — that a trust regime collapses to the strength of its weakest implicitly trusted element — is carried forward explicitly into INV-007’s analysis of AI safety guardrails that fail silently under modification.
2. Method note
Movements. Conceive the adversarial process; execute to the standard of evidence; translate across registers. The conceived process was a constructive proof by demonstration: rather than argue that a backdoored trust anchor was possible, build a working one and a complete TLS client–server system around it, then show that neither the code nor the certificate reveals anything amiss under inspection.
Instruments. An instance of the Young–Yung SETUP construction — an elliptic-curve asymmetric backdoor in RSA key generation — embedded in the RSA modulus of a CA certificate; a minimal HTTPS client and TLS server built on an unmodified open-source Haskell library (network-simple-tls), so that the surrounding system is demonstrably clean and the backdoor lives entirely in data; and an original embedding technique using Elligator to close a detectability gap present in prior variants (see below). The threat model was stated explicitly: an adversary able to influence standards, interdict the supply chain, or simply build the CA’s key-generation module.
Exclusions. No backdoor was placed in the endpoints’ credentials or in any system code — the entire compromise resides in one trust anchor, by design, to isolate the variable under study. The work assessed whether current IT-product security certification (Common Criteria protection profiles for CA key generation, EN 319 411-3, at the assurance levels industry actually demands) could exclude such a backdoor, and found it could not at those levels.
3. Findings
- A CA-certificate backdoor can be made information-theoretically silent to black-box inspection: under the ECDDH assumption, the backdoored key pairs are indistinguishable from genuine RSA key pairs to any probabilistic polynomial-time algorithm. The complete source code of the system does not enable anyone but the designer to exploit it (the NOBUS property), and the construction is forward-secret against a reverse engineer who breaches the generator.
- The presence of one such certificate in the store renders the entire TLS security of a relying party fictional — impersonation, message tampering, and active eavesdropping all become available to the backdoor holder via a man-in-the-middle position, without touching any endpoint or any other key.
- The damage generalises because of universal implicit cross-certification: since all root CAs are treated as equally trusted, the security of the whole PKI reduces to that of its least trustworthy member. This is a structural property of the deployed Web PKI, not a bug in any one product.
- This threat is not convincingly mitigated by current certification: because the certification process relies on developer-supplied vulnerability documentation and does not mandate formal methods below its two highest assurance levels, evaluation at the level industry demands can fail to rule out a key-generation backdoor.
- The corollary is a standing rule: as long as the key-generation implementations used by trusted issuers cannot be audited by relying parties, any root certificate from such an issuer must be regarded as a potential backdoor — the assurance it provides is, in the adversarial case, none.
4. Consequence
Recognition. The technique was selected for the WhiteHat Security Top 10 Web Hacking Techniques of 2015 — the peer-review signal of the applied-security community — and the contest entry was shortlisted in the first Underhanded Crypto Contest.
Method contribution. The Elligator-based embedding algorithm repaired a detectability weakness in a contemporaneous variant of the attack, contributing a reusable technique (and released tooling) to the study of kleptographic backdoors, rather than only a single proof of concept.
Discourse. Delivered across three of the field’s established venues in a single cycle — HITB SecConf Amsterdam, DeepSec Vienna, and ZeroNights Moscow — the investigation put the “one rotten apple” framing of implicit cross-certification into circulation during the same period (2015) that CA-trust failures were themselves in the news.
5. Artefact record
| # | Artefact | Type | Venue / identifier | Date | Access |
|---|---|---|---|---|---|
| 1 | illusoryTLS — reference implementation (backdoored CA, TLS client/server) | code | github.com/secYOUre/illusoryTLS | 2015 | repository |
| 2 | rsaelligatorbd — elliptic-curve asymmetric backdoor in RSA key-generation, Elligator-based | code | github.com/secYOUre/rsaelligatorbd | 2015 | repository |
| 3 | The illusoryTLS Asymmetric Backdoor: Auguste Dupin Meets the Kleptographer — design document | paper (informal) | Underhanded Crypto Contest submission | 2014 | paper |
| 4 | illusoryTLS: Nobody But Us — Impersonate, Tamper, and Exploit (whitepaper / delivery draft) | paper (informal) | HITB SecConf 2015 Amsterdam | May 2015 | paper |
| 5 | illusoryTLS — Nobody But Us (delivery draft) | paper (informal) | ZeroNights 2015, Moscow | Nov 2015 | paper |
| 6 | illusoryTLS — slide deck | slides | HITB SecConf 2015 Amsterdam | May 2015 | slides |
| 7 | illusoryTLS — slide deck | slides | DeepSec 2015, Vienna | Nov 2015 | slides |
| 8 | illusoryTLS — slide deck | slides | ZeroNights 2015, Moscow | Nov 2015 | slides |
| 9 | illusoryTLS: Nobody But Us — Impersonate, Tamper and Exploit | talk recording | DeepSec 2015, Vienna | Nov 2015 | talk |
| 10 | PyElligator — Python bindings for an Elligator implementation supporting Curve25519 | code | github.com/secYOUre/pyelligator | 2015 | repository |
| 11 | Selection: Top 10 Web Hacking Techniques of 2015 | press / recognition | WhiteHat Security | 2016 | press |
The project’s canonical microsite aggregates the above.
6. Continuity
Inherits: the fault-and-trust concerns of INV-000 (fault attacks on cryptographic modules; the reliability of the cryptographic primitives others build upon). Feeds: INV-007, whose central finding — that safety guardrails are a removable surface layer and a trust regime fails silently at its weakest assumed-trustworthy point — is the same structural lesson relocated from the X.509 store to open-weight model alignment.
7. What’s next
—
8. Provenance
Provenance. This investigation was produced without external funding. No entity related to Pwnshow’s personnel has a material interest in its findings. Where this work draws on the author’s experience of vulnerability and capability markets, it relies on that general expertise and on the public and published sources cited, not on non-public commercial information.
Added 2026/07/07 under Policy v1.0.
Page last updated: 2026/07/07 · Part of the Pwnshow investigation series
← Investigations index