The Inconvenient Truth about Web Certificates

Jean-Pierre Hubaux. Joint work with N. Vratonjic, J. Freudiger and V. Bindschaedler. Work presented at WEIS in June 2011.


Transcript of The Inconvenient Truth about Web Certificates

Page 1: The Inconvenient Truth about Web Certificates

The Inconvenient Truth about Web Certificates

Jean-Pierre Hubaux

Joint work with N. Vratonjic, J. Freudiger and V. Bindschaedler

Work presented at WEIS in June 2011

Page 2: The Inconvenient Truth about Web Certificates

HTTPS

Secure communication: e-banking, e-commerce, Web email, etc.

Authentication, Confidentiality and Integrity

- Impersonation: Authentication
- Eavesdropping: Confidentiality
- Modifications: Integrity

[Diagram: HTTPS connection to https://www.bankofamerica.com]

Page 3: The Inconvenient Truth about Web Certificates

HTTPS in practice

- HTTPS is at the core of online businesses
- Provided security is dubious
  - Notably due to obscure certificate management

Page 4: The Inconvenient Truth about Web Certificates

Research Questions

Q1: At which scale is HTTPS currently deployed?

Q2: What are the problems with current HTTPS deployment?

Q3: What are the underlying reasons that led to these problems?

Large-scale empirical analysis of the current deployment of HTTPS on the top 1 million websites

Page 5: The Inconvenient Truth about Web Certificates

Methodology

- 1 million most popular websites (Alexa’s ranking)
- Connect to each website with HTTP and HTTPS
- Store:
  - URLs
  - Content of Web pages
  - Certificates

Page 6: The Inconvenient Truth about Web Certificates

Q1: At which scale is HTTPS deployed?

1/3 of websites can be browsed via HTTPS

Is this too much or too little?

[Pie chart: HTTPS 34.7%, HTTP 65.3%]

Page 7: The Inconvenient Truth about Web Certificates

Login Pages: HTTP vs. HTTPS

77.4% of websites may compromise users’ credentials!

[Pie chart: HTTPS 22.6%, HTTP 77.4%]

More Web pages should be served via HTTPS!

Page 8: The Inconvenient Truth about Web Certificates

Q2: What are the problems with current HTTPS deployment?

HTTPS may fail due to:

- Server certificate-based authentication
- Cipher suites
  - The majority (70%) of websites use DHE-RSA-AES256-SHA cipher suite

Page 9: The Inconvenient Truth about Web Certificates

Certificates

X.509 Certificates: Bind a public key with an identity

Certificates issued by trusted Certification Authorities (CAs)

To issue a certificate, CAs should validate:

1. The applicant owns the domain name
2. The applicant is a legitimate and legally accountable entity

Two-step validation: Organization Validated (OV) certificates

[Diagram labels: BoA’s identifying information & domain name www.bankofamerica.com; BoA’s public key K_BoA; CA XYZ]

Page 10: The Inconvenient Truth about Web Certificates

Certificate-based Authentication

Chain of trust: public keys of trusted CAs pre-installed in Web browsers

[Diagram labels: Authentication; https://www.bankofamerica.com; Browser: K_CA; HTTPS]

Page 11: The Inconvenient Truth about Web Certificates

Self-signed Certificates

Chain of trust cannot be verified by Web browsers

[Diagram labels: Authentication ??; https://icsil1mail.epfl.ch; Browser: K_EPFL ?]

Page 12: The Inconvenient Truth about Web Certificates

Self-signed Certificates


Page 13: The Inconvenient Truth about Web Certificates

Verifying X.509 Certificates

[Flowchart: Trusted CA; Not expired; Domain match; Successful authentication]

Page 14: The Inconvenient Truth about Web Certificates

Authentication Success

Total of 300’582 certificates

Page 15: The Inconvenient Truth about Web Certificates

Authentication Failures

Total of 300’582 certificates

Page 16: The Inconvenient Truth about Web Certificates

Certificate Reuse Across Multiple Domains

Mostly due to Internet virtual hosting

Certificate Validity Domain    Number of virtual hosts
*.bluehost.com                 10’075
*.hostgator.com                9’148
*hostmonster.com               4’954

Serving providers’ certs results in Domain Mismatch

Solution: Server Name Indication (SNI), a TLS extension

Only 47.6% of collected certificates are unique

Page 17: The Inconvenient Truth about Web Certificates

Domain Mismatch: Unique Trusted Certificates

45.24% of unique trusted certs cause Domain Mismatch


Subdomain mismatch: cert valid for subdomain.host deployed on host and vice versa

Same organization
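The three checks from the "Verifying X.509 Certificates" slide, applied to the virtual-hosting and subdomain-mismatch cases above. This is an added example, not code from the study: the `Cert` record, the issuer allow-list standing in for the browser's root store, and all sample hosts are constructed, and signature and chain validation are not modelled.

```python
from dataclasses import dataclass
from datetime import datetime, timezone

TRUSTED_ISSUERS = {"CA XYZ"}                       # assumption: stand-in for the browser root store
NOW = datetime(2011, 6, 1, tzinfo=timezone.utc)    # constructed reference time
LATER = datetime(2012, 6, 1, tzinfo=timezone.utc)

@dataclass
class Cert:                 # constructed stand-in for a parsed X.509 certificate
    names: list             # DNS names the certificate is valid for
    issuer: str
    not_after: datetime

def name_matches(pattern: str, host: str) -> bool:
    """'*' covers exactly one left-most label, so *.host matches neither host nor a.b.host."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        return len(p) > 2 and p[1:] == h[1:]
    return p == h

def verify(cert: Cert, host: str, now: datetime = NOW) -> list:
    """Return the failed checks; an empty list means successful authentication."""
    failures = []
    if cert.issuer not in TRUSTED_ISSUERS:
        failures.append("untrusted issuer")
    if now > cert.not_after:
        failures.append("expired")
    if not any(name_matches(n, host) for n in cert.names):
        failures.append("domain mismatch")
    return failures

# Constructed cases: (certificate served, hostname the browser asked for)
SAMPLES = {
    "hosting provider cert": (Cert(["*.bluehost.com"], "CA XYZ", LATER), "shop.example.test"),
    "subdomain cert on host": (Cert(["www.example.test"], "CA XYZ", LATER), "example.test"),
    "wildcard on bare host": (Cert(["*.example.test"], "CA XYZ", LATER), "example.test"),
    "self-signed": (Cert(["mail.example.test"], "mail.example.test", LATER), "mail.example.test"),
    "valid": (Cert(["*.example.test"], "CA XYZ", LATER), "www.example.test"),
}

def run_samples() -> dict:
    return {label: verify(cert, host) for label, (cert, host) in SAMPLES.items()}
```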

Page 18: The Inconvenient Truth about Web Certificates

Authentication Success

Total of 300’582 certificates

Page 19: The Inconvenient Truth about Web Certificates

Trusted DVO Certificates

Domain-validated only (DVO) certificates

1. The applicant owns the domain name (validated)
2. The applicant is a legitimate and legally accountable entity (not validated)

Based on Domain Name Registrars and email verification

Problem: Domain Name Registrars are untrustworthy

Legitimacy of the certificate owner cannot be trusted!

Page 20: The Inconvenient Truth about Web Certificates

Domain-validated Only (DVO): Trusted, Organization NOT Validated

Organization Validated (OV): Trusted, Organization Validated

Page 21: The Inconvenient Truth about Web Certificates

Trusted EV Certificates

Extended Validation (EV)

- Rigorous extended validation of the applicant
- Special browser interface

Page 22: The Inconvenient Truth about Web Certificates

DVO vs. OV vs. EV Certificates

61% of certs trusted by browsers are DVO

Certs with successful authentication (48’158 certs)

5.7% of certs (OV+EV) provide organization validation

[Pie chart: DVO 61%, OV 33%, EV 6%]

Page 23: The Inconvenient Truth about Web Certificates

Research Questions

Q1: How is HTTPS currently deployed?

- 1/3 of websites can be browsed via HTTPS
- 77.4% of login pages may compromise users’ credentials

Q2: What are the problems with current HTTPS deployment?

- Authentication failures mostly due to domain mismatch
- Weak authentication with DVO certificates

Page 24: The Inconvenient Truth about Web Certificates

Q3: What are the underlying reasons that led to these problems?

Economics

Misaligned incentives

- Most website operators have an incentive to obtain cheap certs
- CAs have an incentive to distribute as many certs as possible
- Consequence: cheap certs for cheap security

Liability

- No or limited liability of involved stakeholders

Reputation

- Rely on subsidiaries to issue certs less rigorously

Usability

- The more interruptions users experience, the more they learn to ignore security warnings
- Web browsers have little incentive to limit access to websites

Page 25: The Inconvenient Truth about Web Certificates

Conclusion

Large-scale empirical study of HTTPS and certificate-based authentication on 1 million websites

5.7% (18’785) implement cert-based authentication properly

- No browser warnings
- Legitimacy of the certificate owner verified

Market for lemons

- Information asymmetry between CAs and website operators
- Most websites acquire cheap certs leading to cheap security

Change policies to align incentives

Page 26: The Inconvenient Truth about Web Certificates

Certificate Types

Trusted certificates

- Extended Validation (EV) (extended validation)
- Organization Validated (OV) (two-step validation)
- Domain-validated only (DVO) (step 1. validation)

Untrusted (self-signed) certificates

Certificate Type    Pros           Cons
EV                  Most trust     Expensive
OV                  Trusted        Web browsers cannot distinguish OV from DVO certificate
DVO                 Inexpensive    Cannot guarantee legitimacy of the certificate owner
Self-signed         No cost        Not trusted by Web browsers

Page 27: The Inconvenient Truth about Web Certificates

Facebook Login Page

By default served with HTTP

Source code of the login page:

<div class="menu_login_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" ……>

[Callout on the form action: http(s)://arbitraryServer/]
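A check for the login-page problem shown on this slide and counted on the "Login Pages: HTTP vs. HTTPS" slide: a form that posts to HTTPS is still exposed when the page carrying it arrives over HTTP. This is an added example, not the study's crawler; the verdict labels, the `audit_login_page` helper and the sample hosts are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

class LoginFormFinder(HTMLParser):
    """Collect the action of every <form> that holds a password field."""
    def __init__(self):
        super().__init__()
        self.action = None        # action of the form currently open, if any
        self.has_password = False
        self.actions = []

    def flush(self):
        if self.action is not None and self.has_password:
            self.actions.append(self.action)
        self.action, self.has_password = None, False

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self.flush()          # tolerate a previous form that was never closed
            self.action = a.get("action") or ""
        elif tag == "input" and (a.get("type") or "").lower() == "password":
            self.has_password = self.action is not None

    def handle_endtag(self, tag):
        if tag == "form":
            self.flush()

def audit_login_page(page_url, html):
    """Return (resolved form target, verdict) for each login form on the page."""
    finder = LoginFormFinder()
    finder.feed(html)
    finder.close()
    finder.flush()
    page_https = urlparse(page_url).scheme == "https"
    findings = []
    for action in finder.actions:
        target = urljoin(page_url, action)
        if urlparse(target).scheme != "https":
            verdict = "cleartext-post"    # credentials readable in transit
        elif not page_https:
            verdict = "page-over-http"    # form action can be rewritten in transit
        else:
            verdict = "ok"
        findings.append((target, verdict))
    return findings

# Constructed sample modelled on the markup quoted on the slide (hosts are placeholders).
SAMPLE_HTML = ('<div class="menu_login_container"><form method="POST" action="https://login.example.test/login.php" '
               'id="login_form"><input type="text" name="email"><input type="password" name="pass"></form></div>')
```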

Page 28: The Inconvenient Truth about Web Certificates

CSC 104

Common Sense: Protect your passwords. Don’t use the same password for an insecure site as for a secure one.

Essay Topic: Discuss an issue arising from improper security on the web. Notable examples include: theft of iTunes accounts, theft via PayPal, credit-card fraud.
