hin255 - Fotolia
Cross-certificates are reportedly causing issues on Android devices. What's the vulnerability behind these issues? Is this something attackers can take advantage of, and if so, are there any ways to mitigate the problems?
Cross-certificates provide a means to create a chain of trust from a single, trusted root or subordinate certificate authority to multiple other root or subordinate CAs. A cross-signed digital certificate issued by one CA is used to sign the public key for the root certificate of another certificate authority, allowing certificates to be used and trusted between two CA hierarchies. For example, in Microsoft Windows, cross-certificates allow the operating system kernel to have a single trusted Microsoft root authority while extending the chain of trust to multiple commercial CAs that issue certificates used for code-signing software for distribution and installation on Windows machines.
In all cross-certification schemes, a single certificate will chain to different root CAs depending on which organization's computers are validating the certificate. For example, to configure complete trust between the subordinate and root CAs operated by the hypothetical Key Supplies Inc. and its customer Big Builders Inc., the root CA for each organization needs to be cross-certified with the subordinate enterprise CA in the other organization. This allows certificates issued by either CA to chain to a root that is trusted by each organization. If a certificate is issued to an employee of Key Supplies, it will validate up to the Key Supplies CA when verified by other computers within the Key Supplies network, but will validate up to the Big Builders CA if validated by a computer on the Big Builders' network.
Cross-signing can create very long certificate chains, and different chains exist for the same certificate. This makes certificate validation more expensive in terms of processing time and network traffic -- and adds extra complexity.
These reasons may be why there's a flaw in the way Android devices handle cross-signed certificates. Researchers at Trend Micro Inc. found the device may either slow down or hang when a specially-constructed malformed certificate -- created when two certificates are crossed-signed in a continuous loop -- is introduced into an Android device either by a new app being installed or by importing a specially crafted keychain. The vulnerability is caused by two commonly used classes in the Android framework -- the JarFile and KeyStore classes. The JarFile class is used to verify a jar package's certificates and signature files, but it falls into an endless loop when trying to validate a cross-signed certificate chain; the process keeps using up system resources until it is killed, which forces a device reboot. The KeyStore class used to process PKCS #12 files for the Android KeyStore suffers from the same problem. This bug is present in all Android versions, and potentially any code that implicitly or explicitly uses either class may be at risk.
However, this vulnerability doesn't have any immediate security implications; a similar bug was found in Firefox some years back. It is possible, though, that future research may find a way to inject or run arbitrary code when the device's system resources are depleted and it becomes unstable prior to rebooting.
Google is aware of this vulnerability but has given no timeframe for a fix. In the meantime, administrators should monitor security newsfeeds for news of a fix or evidence of an attack that can take advantage of this flaw. Users should, of course, only download apps from approved stores and immediately report if their device starts running slowly or rebooting unexpectedly.
Ask the Expert:
Want to ask Michael Cobb a question about application security? Submit your question now via email. (All questions are anonymous.)
Dig Deeper on PKI and digital certificates
Related Q&A from Michael Cobb
WhatsApp vulnerabilities can enable hackers to bypass end-to-end encryption and spoof messages. Expert Michael Cobb explains how these attacks work ... Continue Reading
Disabling Google location tracking involves more than turning off Location History. Learn how to manage your account settings to stop tracking ... Continue Reading
Compared to TLS 1.2, TLS 1.3 saw improvements in security, performance and privacy. Learn how TLS 1.3 eliminated vulnerabilities using cryptographic ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.