Unauthorized HTTPS certificates have been making the news lately, some of which are in root stores from known/supposedly...
trusted vendors. How can enterprises protect against these certificates?
Security on the Internet relies to a great extent on trust in the certificate authorities (CA) who issue the digital certificates that are used by Web servers to identify themselves and encrypt traffic between the server and user. These certificates prevent attackers from impersonating the site or eavesdropping on communications to and from the site.
Unfortunately, this trust is being eroded by a series of attacks against CAs -- such as DigiNotar and Comodo -- and by poor practices in the case of ANSSI, which have resulted in fraudulent or unauthorized digital certificates being issued. Forged certificates can allow an attacker to spy on information sent between a Web server and a browser even though the connection appears to be secure. They can also be used in attempts to spoof content and perform phishing or man-in-the-middle attacks. In a recent incident, unauthorized digital certificates for a number of Google's domains were issued by the CA National Informatics Centre of India (NIC) when its issuance process was compromised.
NIC holds several intermediate CA certificates trusted by the Indian government's Controller of Certifying Authorities (India CCA). The India CCA certificates are included in the Microsoft Root Store and therefore are implicitly trusted by many applications running on Windows, including Internet Explorer and Google's Chrome browser. The root stores on Mac OS X, iOS and Android operating systems don't include the certificates from Indian CCA so were not affected in this instance. Firefox wasn't affected either as instead of using the operating system's root store it uses its own which doesn't include these certificates.
Google quickly blocked the unauthorized certificates in Chrome by issuing a CRLSet. India CCA later revoked all the NIC intermediate certificates, and another CRLSet push was performed to include that revocation. Also, because Google sites make use of public-key pinning, Chrome on Windows would not have accepted the fraudulent certificates for Google sites. Pinning is an HTTP protocol that allows Web administrators to instruct browsers to remember or "pin" a Web server's digital certificate for a given period of time, therefore reducing the number of authorities who can authenticate the domain during the lifetime of the pin.
There are various initiatives underway to try and improve the trust in CAs and the certificates they issue. These include Google's Certificate Transparency project and DNS-based Authentication of Named Entities (DANE). However, there has been no widespread adoption of these projects so far.
Browsers base trust decisions on the inclusion of roots of trust in a root store, so the best way for enterprises to safeguard their users from malicious certificates is to ensure that browsers are kept up to date with current certificate trust lists. Turning on certificate revocation checking in a browser is not that efficient at establishing whether a certificate is still valid and tends to slow down page-load times considerably. A better option is using a firewall that can deep-scan SSL-encrypted traffic to sniff out fake certificates or malicious code. Security teams should also monitor security news feeds and delete untrusted root certificates from the root store manually before updates become available if the risk to a network is deemed unacceptable. Instructions to remove a root and clear the local cached CTL across an enterprise network can be issued via Group Policy.
Ask the Expert!
Want to ask Michael Cobb a question about application security? Submit your question now via email! (All questions are anonymous.)
Dig Deeper on Web browser security
Related Q&A from Michael Cobb
WhatsApp vulnerabilities can enable hackers to bypass end-to-end encryption and spoof messages. Expert Michael Cobb explains how these attacks work ... Continue Reading
Disabling Google location tracking involves more than turning off Location History. Learn how to manage your account settings to stop tracking ... Continue Reading
Compared to TLS 1.2, TLS 1.3 saw improvements in security, performance and privacy. Learn how TLS 1.3 eliminated vulnerabilities using cryptographic ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.