Story image

What happens when encryption and security certificates go awry?

27 Mar 2018

What happens when a compromised certificate is used to conduct malicious activities that result in data loss or a breach? Two researchers at Carnegie Mellon University asked that exact question and found that

Carnegie’s CERT system team software engineer Aaron Reffett and Thomas Scanlon released research this month

They say that in situations where a private key is stolen or lost from a public key infrastructure (PKI) environment, there is potential for compromised end-entity certificates to be abused.

This can result in breaches because anyone who holds a private key can essentially impersonate the intended user.

Reffett and Scanlon argue that losing a private key is essentially the same as losing a password, but unlike passwords, private keys are more difficult to replace and harder to recover from.

On top of that, compromised client-authentication certificates are essentially similar to usernames and passwords because attackers can spoof a trusted service. Attackers can then grab confidential information sent by unwitting victims to that breached service, researchers say.

Private keys and certificates are rarely audited. Certificates may have validity for between one and three years, so attackers may be able to compromise both the key and certificate for a very long time.

Reffett and Scanlon also explain that keys can be lost or stolen in different ways, including system crashes, hacks, and even in cases where people accidentally send their private key instead of the public one in a message.

“Another possibility is that a key might be exposed for some period of time. This case is the digital equivalent of leaving a written secret on a desk in a public area where people walk by and could potentially copy it. Organisations using PKI need to institute and document measures that assure proper custody of private keys,” they explain.

“ A principle that everyone using PKI should adopt is: if you think it's possible that you have lost control of your key, you have effectively lost control of your key. Regardless of whether you know you've lost it, think you've lost it, or don't know whether you've lost it, the actions you should take to mitigate the problem are identical.”

The researchers suggest that organisations need to have a first response plan – typically this would be to revoke the certificate and inform users that the certificate is not valid. This can be done through the online certificate status protocol (OCSP).

The certificate issuer must also do their part to ensure it shares a list of revoked certificates to users.

Researchers explain that most modern web browsers rely on lists of bad certificates at update time.

“When clients update, they receive a new list of blacklisted certificates. It is assumed that the scope of each breach is known and that a discrete set of compromised certificates can be collected. It is also assumed that the certificates will be properly revoked via appropriate channels by the issuing certification authority (CA).”

“Browser makers prefer this scenario to one where each connection is checked, with the consequent performance penalty.”

But researchers say there are problems with this setup.

“It does not protect against the unknown compromised certificate since there is lag time between an event's occurrence and discovery of the event, along with the time it takes to make the changes and push out updates. This lag time represents a window of opportunity to exploit the vulnerability.”

“This scenario also relies on all users keeping updated versions of browsers, which we know not everyone does. Moreover, for a certificate to appear on a blacklist, there must have been some exploit or compromise that has taken place to put it there. As a result, someone paid a price for every certificate that is on the blacklist.”

The researchers explain that there are a number of ways organisations can mitigate problems:

  • Principal mapping
  • Client certificates
  • Add compromised certificates to a system certificate blacklist
  • Updating non-system NSS database stores
  • Application-specific mitigations for TLS/SSL handling
  • Network mitigation such as introducing an SSL-terminating proxy
  • Intrusion prevention systems that conduct deep packet inspections on SSL session handshakes
  • Post-cleanup monitoring
  • Intrusion detection systems
  • Application audit logging.
Opinion: BYOD can be secure with the right measures
Companies that embrace BYOD are giving employees more freedom to work remotely, resulting in increased productivity, cost savings, and talent retention.
Sonatype and HackerOne partner on open source vulnerability reporting
Without a standard for responsible disclosure, even those who want to disclose vulnerabilities responsibly can get frustrated with the process.
OutSystems and Boncode team up for better code analysis
The Boncode and OutSystems alliance aims to help organisations to build fast and feel comfortable that the work they're delivering is at peak quality levels.
Nuance biometrics fight back against fraud
Nuance Communications has crunched the numbers and discovered that it has prevented more than US$1 billion worth of fraud from being passed on to users of its Nuance Security Suite.
Attacks targeting Cisco Webex extension explode in popularity - WatchGuard
WatchGuard's Internet Security Report for Q4 2018 also finds growing use of a new sextortion phishing malware customised to individual victims.
Developing APAC countries most vulnerable to malware - Microsoft
“As cyberattacks continue to increase in frequency and sophistication, understanding prevalent cyberthreats and how to limit their impact has become an imperative.”
Worldwide spending on security to reach $103.1bil in 2019 - IDC
Managed security services will be the largest technology category in 2019.
Privacy: The real cost of “free” mobile apps
Sales of location targeted advertising, based on location data provided by apps, is set to reach $30 billion by 2020.