Transcript of 100% Encrypted Web: New Challenges for TLS
#RSAC
Session ID: PDAC-W10
Kirk Hall, Dir. Policy and Compliance, SSL, Entrust Datacard

We are moving toward a 100% encrypted web – but can we get it right? We must leverage certificate identity data for greater user security.

We Will Discuss…
- Types of Server Certificates
- Past and Present Browser UI Security Indicators
- Positive Developments in Encryption
- Negative Developments in Encryption
- Using Identity in Certificates as a Proxy for User Safety
- How Do We Get to a Common Browser UI That Leverages Identity?
- Next Steps

Types of Server Certificates
Organization Validated (OV) – Basic identity confirmation through simple vetting, confirmed customer contact using reliable third party data

Types of Server Certificates
Organization Validated (OV) – Close up: sample browser treatment (Chrome) [screenshot]

Types of Server Certificates
Extended Validation (EV) – Strong identity confirmation through extensive vetting using reliable third party data, and government registries

Types of Server Certificates
Extended Validation (EV) – Close up: sample browser treatment (Internet Explorer) [screenshot]

Past and Present Browser UI Security Indicators
1995-2001: Organization Validation (OV) only; two UI security states
2001-2007: Domain Validated (DV) added as alternative to OV; still only two security UI states – no differentiation between DV and OV

Past and Present Browser UI Security Indicators
2007-Present: Extended Validation (EV) added as alternative to DV and OV; four security UI states, including “problem” state; still no differentiation between DV and OV

Positive Developments in Encryption
- Rapid move to encryption – Web now over 50% encrypted
- Browsers mandating encryption in stages – otherwise receive negative browser UI – “https://” becoming the new normal
- Encrypted sites receive higher SEO rankings
- Automated certificate issuance and installation – Boulder, ACME, Certbot – make it easy for small users
- Free DV certificate services – Let’s Encrypt and others – encourage websites to try it out
- The PCI Security Standards Council recommends the use of OV/EV certs as part of the Best Practices for Safe E-Commerce
Source: https://www.pcisecuritystandards.org/pdfs/best_practices_securing_ecommerce.pdf

Positive Developments in Encryption
But what good is encryption if you don’t know who you’re talking to…?

Negative Developments in Encryption
Malware exploits are moving to encryption and are harder to block
RISING USE OF ENCRYPTION GIVES MALWARE A PERFECT PLACE TO HIDE
“Nearly half of cyber-attacks this year have used malware hidden in encrypted traffic to evade detection. In an ironic twist, A10 Networks has announced the results of an international study *** revealing that the risk to financial services, healthcare and other industries stems from growing reliance on encryption technology. A growing number of organizations are turning to encryption to keep their network data safe. But SSL encryption not only hides data traffic from would-be hackers, but also from common security tools.”
Source: http://www.infosecurity-magazine.com/news/rising-use-of-encryption-gives/

Negative Developments in Encryption
DV certificates are now the default choice for fraudsters – “look-alike” names, anonymity, free, the padlock, no UI warnings:

Negative Developments in Encryption
CERTIFICATE AUTHORITIES ISSUE SSL CERTIFICATES TO FRAUDSTERS
“In just one month, certificate authorities have issued hundreds of SSL certificates for deceptive domain names used in phishing attacks. SSL certificates lend an additional air of authenticity to phishing sites, causing the victims' browsers to display a padlock icon to indicate a secure connection. Despite industry requirements for increased vetting of high-risk requests, many fraudsters slip through the net, obtaining SSL certificates for domain names such as banskfamerica.com ***, ssl-paypai-inc.com ***, and paypwil.com ***.”
Source: http://news.netcraft.com/archives/2015/10/12/certificate-authorities-issue-hundreds-of-deceptive-ssl-certificates-to-fraudsters.html

Negative Developments in Encryption
Many browsers no longer do effective revocation checking
CONCLUDING DISCUSSION
“Overall, our results show that, in today's Web's PKI, there is extensive inaction with respect to certificate revocation. While many certificates are revoked (over 8% of fresh certificates and almost 1% of alive certificates), many web browsers either fail to check certificate revocation information or soft-fail by accepting a certificate if revocation information is unavailable.”
Source: https://web.stanford.edu/~aschulm/docs/imc15-revocation.pdf

Negative Developments in Encryption
Some CAs no longer do certificate revocation for encrypted malware sites
Let’s Encrypt believes that “CAs make poor content watchdogs,” and even though phishing and malware sites are bad, “we’re not sure that certificate issuance (at least for Domain Validation) is the right level on which to be policing phishing and malware sites in 2015.” So Let’s Encrypt will not revoke for phishing or fraud. “Treating a DV certificate as a kind of ‘seal of approval’ for a site’s content is problematic for several reasons,” including that CAs are not well-positioned to operate anti-phishing and anti-malware operations and would do better to leave those actions to the browser website filters.
Source: https://letsencrypt.org/2015/10/29/phishing-and-malware.html

Negative Developments in Encryption
Users assume all encrypted sites with padlocks are “safe” sites:
“The biggest problem with [the display of DV certificates in the browser UI] is that it democratizes access to https for any website. Yes, on the surface, this should in fact be a positive thing that we're celebrating. Unfortunately human nature comes into play here. When most people (non-geeks/non-IT) see https, immediate and unwavering trust is implied.
“Even though [DV certificates are] merely providing encryption for your website, most people visiting it will give it the same level of trust as websites with the "green bar" https (Extended Domain Validation), which includes the company name next to the padlock in the address bar.”
Fraudsters also sprinkle static “padlocks” all over the page to fool users.
Source: http://www.datamation.com/security/lets-encrypt-the-good-and-the-bad.html

What About Browser Website Filters?
Browser website filters expand, but are not a complete solution for user safety – thousands of bad sites are not included
Microsoft SmartScreen problems:
- Only protects users in Windows
- Users can’t report phishing URLs – must visit bad site first to report, click on button
- SmartScreen filters can be bypassed by fraudster email/click-throughs to bad site
Google Safe Browsing:
- Only works on Google search results/Google properties
- Privacy issues – cookies, retains browsing records on same device
- Relies on proprietary Google algorithms, not transparent to users
Both SmartScreen and Safe Browsing must be turned on to work
Reactive systems – back to the ‘90s
Like cops solving a crime after it happens – but not preventing the crime

Many Bad Sites Missed by Browser Filters
Thousands of malware/phishing sites not detected by SmartScreen or Safe Browsing [table of sample URLs, modified for safety]
Source: Comodo Valkyrie malware analysis system
More phishing links: http://cdn.download.comodo.com/intelligence/ctrl-06-02-url.txt
More malware file links: http://cdn.download.comodo.com/intelligence/ctrl-06-01-url.txt

Confirming Identity – How It’s Done
Organization Vetting (OV)
- Find the customer in a reliable third party database, such as Dun & Bradstreet or Hoover’s
- Call the customer representative through a number found on the third party data source, confirm order is legitimate: +1-425-882-8080 for Microsoft
- Confirm domain ownership or control (using CA/Browser Forum Methods)

Confirming Identity – How It’s Done
Extended Validation Vetting (EV) – All that and more:
- Confirm active status of corporation with government agency
- Check authority of customer rep with company HR Department
- Check against blacklists, prohibited lists, etc.

What’s the Problem With Current Browser UIs?
- No consistency among browser UIs as to four states: unencrypted, DV, OV, and EV
- Individual browsers frequently change their own UI, users can’t keep up
- Adding array of other warnings to UI (minor problems, major problems) that the average user doesn’t understand
- Most mobile devices don’t even show any symbol for encryption
- As a result, users are confused about how to read browser UIs
TAKE A LOOK…

What if “Stop” Signs Were Always Changing?
That’s what browser UI security indicators have done – user confusion!

What Does Any of This Mean? What a Mess!
Source: Rethinking Connection Security Indicators, https://www.usenix.org/system/files/conference/soups2016/soups2016-paper-porter-felt.pdf

Help Is On The Way! … Or is it?
June 2016 Google UI paper proposed standardizing around only three security states – but basically a binary, two-state “secure/not secure” UI. Plus, EV UI may be disappearing:

Here’s What This Can Mean
Phishing site: paypal.com.summary-spport.com
Here’s how it looks as an http site today – just a gray circle-i:
Soon, Chrome will treat http sites as “Not Secure”:

Phishers will move to DV certs for “Secure” UI
Phishing site: paypal.com.summary-spport.com gets anonymous, free DV cert:
Chrome gives “Secure” https browser UI to phishing site:

Is This the Future?
If EV green bar display is lost in Chrome, and real and phishing PayPal Login pages look the same (“Secure”) – Can’t tell the difference!

2016 Study – https alone no longer effective for anti-phishing, EV indicators can be improved
“In the past, HTTPS was viewed as a sign of website trustworthiness; getting a valid HTTPS certificate was too difficult for typical phishing websites. *** Subsequently, HTTPS has ceased to be a useful signal for identifying phishing websites because it is no longer unusual to find malicious websites that support HTTPS. ***
“EV is an anti-phishing defense, although its use is limited by lack of support from popular websites and some major mobile browsers. All major desktop browsers display EV information, but some mobile browsers (including Chrome and Opera for Android) do not display EV information. Older literature suggests that EV indicators may need improvement. *** Improving EV indicators are out of scope for our current work.”
Source: Rethinking Connection Security Indicators, https://www.usenix.org/system/files/conference/soups2016/soups2016-paper-porter-felt.pdf

Chain of Logic
- Browsers are pushing website owners to 100% encryption (good)
- Fraudsters are rushing to free DV certs to hide (bad)
- DV certs are free, allow anonymity, no identity, no recourse
- OV and EV certs include identity, allow recourse – almost no fraud or phishing has been recorded for OV, none for EV
- But, users can’t tell the difference between DV and OV certs – both receive the same UI in the browsers; EV may be downgraded to same level as DV and OV by Chrome in future release
Conclusion: We are wasting valuable identity information already inside OV and EV certs – should use as a proxy for user safety

Let’s Use the Data We Already Have
There is so much identity data in certificates today – but most of it’s hidden
Why aren’t we using identity data to block phishing and malware sites?
Source: Frost and Sullivan, 2016 data

Type | Number (000s) | Percent | Combined
DV   | 7,503         | 75%     |
OV   | 2,353         | 24%     | 25% (OV + EV)
EV   | 243           | 1%      |

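The identity data this slide refers to is readable straight out of the certificate. As an added example (not from the presentation or from any CA's or browser's code), the Go program below labels a parsed certificate EV, OV or DV from the CA/Browser Forum EV policy OID and the Subject's Organization field, and self-signs constructed test certificates of each kind to exercise the classifier; hostnames and the organization name are constructed, and a browser's real EV decision additionally matches the EV OID against the issuing root, which this demo omits.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/asn1"
	"math/big"
	"time"
)

// CA/Browser Forum EV policy OID. Browsers also honour CA-specific EV OIDs, but only
// against the root each is registered for; that per-root check is omitted here.
var evPolicyOID = asn1.ObjectIdentifier{2, 23, 140, 1, 1}
// certificatePolicies (2.5.29.32) = SEQUENCE OF PolicyInformation{policyIdentifier};
// marshalling this fixed value cannot fail, so the error is discarded.
var evPolicyDER, _ = asn1.Marshal([]struct{ ID asn1.ObjectIdentifier }{{evPolicyOID}})
var evPolicyExt = pkix.Extension{Id: asn1.ObjectIdentifier{2, 5, 29, 32}, Value: evPolicyDER}

// Classify labels a parsed certificate EV (asserts the EV policy OID),
// OV (Subject carries an Organization) or DV (domain only, no identity data).
func Classify(cert *x509.Certificate) string {
	for _, oid := range cert.PolicyIdentifiers {
		if oid.Equal(evPolicyOID) {
			return "EV"
		}
	}
	if len(cert.Subject.Organization) > 0 {
		return "OV"
	}
	return "DV"
}
// constructedCert self-signs a throwaway certificate (constructed demo input, not CA-issued); org nil = DV, evPolicyExt = EV.
func constructedCert(host string, org []string, exts ...pkix.Extension) (*x509.Certificate, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:    big.NewInt(1),
		Subject:         pkix.Name{CommonName: host, Organization: org},
		NotBefore:       time.Now(),
		NotAfter:        time.Now().Add(24 * time.Hour),
		ExtraExtensions: exts,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}
```

Running Classify over the certificate chain a TLS client receives gives the same DV/OV/EV split the table above reports, without any browser UI involved.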
Five Principles of TLS Certificate Identity
First, adopt the Five Principles of TLS Certificate Identity:
1. Identity in TLS server certs should be used by browsers as a proxy for greater user safety
2. CAs should vet their customers to the highest identity level possible
3. OV certs should receive their own browser UI different from DV certs to show user safety
4. EV certs should continue to receive a separate browser UI from OV and DV certs to show greater user safety
5. Browsers should agree on common UI security indicators, avoid changes to UI, and work with others to educate users about the meaning of the common UI security indicators for greater user safety.

Here’s Who Has Endorsed the Five Principles
Current endorsers of the Five Principles of TLS Certificate Identity and adoption of a new “Universal” browser UI:
More CA endorsers to come…

Do website owners care about identity? You bet they do! (No one asked them before…)
PUBLIC ENDORSEMENT OF WEBSITE IDENTITY PRINCIPLES
We, the undersigned organizations, strongly support the display of website identity for user security, and we specifically endorse the following website identity principles:
1. Website identity is important for user security.
2. TLS certificate types that are used to secure websites – Extended Validation (EV), Organization Validated (OV), and Domain Validated (DV) certificates – should each receive a distinct, clearly-defined browser UI security indicator showing users when a website’s identity has been independently confirmed.
3. Browsers should adopt a common set of browser UI security indicators for each certificate type, and should educate users on what the differences are to promote user security.
The following enterprises endorse these Website Identity Principles:

Website owners who support Website Identity Principles
Source: Comodo and Entrust Datacard
Plus many more enterprise endorsers! Sign up to support the Website Identity Principles at CASC site: casecurity.org/identity

Adopt a “Universal” UI for all Browsers
Here is a proposal that would work for desktop and mobile environments. This is just a starting point for discussion…
Design by: Chris Bailey

Obstacles and Responses to “Universal” UI
“Users don’t understand the difference among DV, OV, and EV” Response: That’s because browsers keep changing UIs, and there’s no user education = user confusion
“OV vetting isn’t rigorous enough for its own UI” Response: CAs standardized OV vetting in 2012, and can strengthen further
“We browsers will decide safety for our users – maybe just a binary UI” Google approach – but totally wastes available identity information in certs
“It’s too hard to transition from current DV/OV single UI to new OV UI” Response: announce a year ahead – customers will migrate to OV to get the better UI

User Education will be Based on Cert Guidelines
To help develop user education, start by defining when to use each type of certificate:

How Do We Educate Users on the New UI?
Here’s the simple message for users:
- “Look for the warnings” and insist on encryption as a minimum requirement (i.e., follow the browser warnings to avoid http, broken https)
- “Look for the padlock in the address bar” (OV or EV) before providing any personal information (password, credit card number) to a website
- “Look for the green bar” (EV) for high security transactions, such as banking or healthcare matters
We successfully trained users to look for a padlock ten years ago – we can train them again with new, common UI security indicators

Next Steps for User Security
- Browsers should collaborate and adopt a common “Universal” UI
- Browsers should announce a transition date to new Universal UI
- Padlock will disappear for DV, which will become the new “normal” state
- OV certs will receive a new, distinct UI symbol
- EV certs will continue with an enhanced EV UI symbol
- Start an education program to prepare users, website owners
- CAs should work on strengthening OV vetting, improved common standards
- Collect and respond to data on the use of certs by fraudsters (DV, OV, EV)
RESULT: a safer Internet for users within 1-2 years; fraud prevention

Summary
- Fraudsters are moving to DV certificates
- Fraudsters hate identity – they avoid OV and EV certificates
- Therefore, OV and EV certs (25% of sites) represent much safer sites for users – prevent crime
- On this basis, OV and EV certs deserve their own distinct browser UIs for user safety
- DON’T eliminate EV UI, DON’T create binary UI of “secure” vs. “not secure” - that hides identity
- Browsers should work together to create a common Universal UI
- All should work together to educate users on the new Universal UI

Thank you! Questions?
Download White Paper “Use of Identity in SSL-TLS Certs for User Safety” and sign petition at: casecurity.org/identity