Unauthorized HTTPS certificates have been making the news lately, some of which are in root stores from known/supposedly...
trusted vendors. How can enterprises protect against these certificates?
Security on the Internet relies to a great extent on trust in the certificate authorities (CA) who issue the digital certificates that are used by Web servers to identify themselves and encrypt traffic between the server and user. These certificates prevent attackers from impersonating the site or eavesdropping on communications to and from the site.
Unfortunately, this trust is being eroded by a series of attacks against CAs -- such as DigiNotar and Comodo -- and by poor practices in the case of ANSSI, which have resulted in fraudulent or unauthorized digital certificates being issued. Forged certificates can allow an attacker to spy on information sent between a Web server and a browser even though the connection appears to be secure. They can also be used in attempts to spoof content and perform phishing or man-in-the-middle attacks. In a recent incident, unauthorized digital certificates for a number of Google's domains were issued by the CA National Informatics Centre of India (NIC) when its issuance process was compromised.
NIC holds several intermediate CA certificates trusted by the Indian government's Controller of Certifying Authorities (India CCA). The India CCA certificates are included in the Microsoft Root Store and therefore are implicitly trusted by many applications running on Windows, including Internet Explorer and Google's Chrome browser. The root stores on Mac OS X, iOS and Android operating systems don't include the certificates from Indian CCA so were not affected in this instance. Firefox wasn't affected either as instead of using the operating system's root store it uses its own which doesn't include these certificates.
Google quickly blocked the unauthorized certificates in Chrome by issuing a CRLSet. India CCA later revoked all the NIC intermediate certificates, and another CRLSet push was performed to include that revocation. Also, because Google sites make use of public-key pinning, Chrome on Windows would not have accepted the fraudulent certificates for Google sites. Pinning is an HTTP protocol that allows Web administrators to instruct browsers to remember or "pin" a Web server's digital certificate for a given period of time, therefore reducing the number of authorities who can authenticate the domain during the lifetime of the pin.
There are various initiatives underway to try and improve the trust in CAs and the certificates they issue. These include Google's Certificate Transparency project and DNS-based Authentication of Named Entities (DANE). However, there has been no widespread adoption of these projects so far.
Browsers base trust decisions on the inclusion of roots of trust in a root store, so the best way for enterprises to safeguard their users from malicious certificates is to ensure that browsers are kept up to date with current certificate trust lists. Turning on certificate revocation checking in a browser is not that efficient at establishing whether a certificate is still valid and tends to slow down page-load times considerably. A better option is using a firewall that can deep-scan SSL-encrypted traffic to sniff out fake certificates or malicious code. Security teams should also monitor security news feeds and delete untrusted root certificates from the root store manually before updates become available if the risk to a network is deemed unacceptable. Instructions to remove a root and clear the local cached CTL across an enterprise network can be issued via Group Policy.
Ask the Expert!
Want to ask Michael Cobb a question about application security? Submit your question now via email! (All questions are anonymous.)
Dig Deeper on Web browser security
Related Q&A from Michael Cobb
Sending sensitive information in attachments is inherently unsafe, and the main way to secure them -- encryption -- can be implemented inconsistently... Continue Reading
Spyware can steal mundane information, track a user's every move and everything in between. Read up on the types of spyware and how to best fix ... Continue Reading
Explore the differences between symmetric vs. asymmetric encryption algorithms, including common uses and examples of both, as well as their pros and... Continue Reading