DOI: 10.1145/2382196.2382204
Research article

The most dangerous code in the world: validating SSL certificates in non-browser software

Published: 16 October 2012

    Abstract

    SSL (Secure Sockets Layer) is the de facto standard for secure Internet communications. Security of SSL connections against an active network attacker depends on correctly validating public-key certificates presented when the connection is established.
    We demonstrate that SSL certificate validation is completely broken in many security-critical applications and libraries. Vulnerable software includes Amazon's EC2 Java library and all cloud clients based on it; Amazon's and PayPal's merchant SDKs responsible for transmitting payment details from e-commerce sites to payment gateways; integrated shopping carts such as osCommerce, ZenCart, Ubercart, and PrestaShop; AdMob code used by mobile websites; Chase mobile banking and several other Android apps and libraries; Java Web-services middleware including Apache Axis, Axis 2, Codehaus XFire, and Pusher library for Android and all applications employing this middleware. Any SSL connection from any of these programs is insecure against a man-in-the-middle attack.
    The root causes of these vulnerabilities are badly designed APIs of SSL implementations (such as JSSE, OpenSSL, and GnuTLS) and data-transport libraries (such as cURL) which present developers with a confusing array of settings and options. We analyze perils and pitfalls of SSL certificate validation in software based on these APIs and present our recommendations.
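    The abstract's point is that two separate checks have to succeed before a client may trust a connection: the certificate chain must validate against a trust store, and the name in the certificate must match the host the client meant to reach; the studied software typically disabled one or both because the API made "verification" look like a single switch. The following is an added example, written for this page in Python's stdlib ssl module rather than the JSSE, OpenSSL, GnuTLS or cURL APIs the paper studies, and it is not the authors' code. It shows the insecure and the correct context side by side, and a hostname matcher in the style of RFC 2818 / RFC 6125 for the situation the paper describes where a TLS stack validates the chain but leaves name checking to the caller (OpenSSL, for instance, only gained a built-in hostname check in 1.0.2). The sample certificate dictionaries are constructed in the shape `SSLSocket.getpeercert()` returns and are not real certificates; `connect_verified` needs network access and is only defined, not run.

```python
import ipaddress
import socket
import ssl


def insecure_context():
    """The anti-pattern the paper documents: every 'verify' knob turned off.
    Any certificate from anyone is accepted, so an active attacker who can
    intercept the TCP connection reads and rewrites the plaintext."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False      # must be cleared before verify_mode, or ssl raises
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def secure_context(cafile=None):
    """Chain validation against a trust store (CERT_REQUIRED) and hostname
    checking, both on. cafile=None means the platform's default CA bundle."""
    return ssl.create_default_context(cafile=cafile)


def context_verifies(ctx):
    """True only when both chain validation and hostname checking are enabled."""
    return ctx.verify_mode == ssl.CERT_REQUIRED and bool(ctx.check_hostname)


def dns_name_matches(pattern, hostname):
    """Strict dNSName/CN matching (assumed rules, after RFC 6125 s.6.4.3):
    - any NUL byte rejects the name (the embedded-NUL trick),
    - '*' is honoured only as the entire left-most label, only when at least
      two labels follow it, and it matches exactly one label."""
    if "\x00" in pattern or "\x00" in hostname or "*" in hostname:
        return False
    pattern = pattern.lower().rstrip(".")
    hostname = hostname.lower().rstrip(".")
    if "*" not in pattern:
        return pattern == hostname
    p_labels = pattern.split(".")
    h_labels = hostname.split(".")
    if p_labels[0] != "*" or any("*" in lbl for lbl in p_labels[1:]):
        return False
    if len(p_labels) < 3 or len(h_labels) != len(p_labels):
        return False
    return h_labels[1:] == p_labels[1:]


def match_hostname(cert, hostname):
    """Match a peer certificate, in the dict shape ssl.SSLSocket.getpeercert()
    returns, against the hostname the client meant to reach.
    Returns True only on a positive match; anything unexpected is a mismatch."""
    san = cert.get("subjectAltName", ())
    dns_names = [v for k, v in san if k == "DNS"]
    ip_names = [v for k, v in san if k == "IP Address"]

    try:
        ip = ipaddress.ip_address(hostname)
    except ValueError:
        ip = None
    if ip is not None:
        # An IP literal matches only an iPAddress SAN, never a dNSName or CN.
        for name in ip_names:
            try:
                if ipaddress.ip_address(name) == ip:
                    return True
            except ValueError:
                continue
        return False

    if dns_names:
        # When any dNSName is present the CN is ignored (RFC 2818 / RFC 6125).
        return any(dns_name_matches(n, hostname) for n in dns_names)

    # No dNSName: fall back to the most specific (last) commonName only.
    cns = [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]
    return any(dns_name_matches(cn, hostname) for cn in cns[-1:])


def connect_verified(host, port=443, cafile=None):
    """Open a TLS connection that fails closed: the library validates chain and
    name, and the explicit matcher re-checks the name as a second guard.
    Needs network access; defined here for illustration, not called."""
    ctx = secure_context(cafile)
    with socket.create_connection((host, port)) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            cert = tls.getpeercert()
            if not match_hostname(cert, host):
                raise ssl.SSLCertVerificationError("hostname mismatch for %s" % host)
            return cert


# Constructed sample certificates in getpeercert() dict shape; not real certs.
SAMPLE_SAN_CERT = {
    "subject": ((("commonName", "ignored.example.org"),),),
    "subjectAltName": (("DNS", "example.com"), ("DNS", "*.example.com"),
                       ("IP Address", "192.0.2.10")),
}
SAMPLE_CN_ONLY_CERT = {"subject": ((("commonName", "api.example.net"),),)}
SAMPLE_NUL_CERT = {"subjectAltName": (("DNS", "www.paypal.com\x00.attacker.example"),)}

if __name__ == "__main__":
    print(match_hostname(SAMPLE_SAN_CERT, "www.example.com"))   # True
    print(match_hostname(SAMPLE_SAN_CERT, "a.b.example.com"))   # False
    print(match_hostname(SAMPLE_NUL_CERT, "www.paypal.com"))    # False
    print(context_verifies(secure_context()), context_verifies(insecure_context()))  # True False
```

    The matcher is deliberately fail-closed: it returns True only on an explicit match, so a certificate with a NUL in its name, a wildcard that is not a whole left-most label, or a CN that disagrees with a present SAN is rejected rather than "mostly" accepted. That is the opposite of the library defaults the paper criticises, where the caller had to know which of several options turned each half of validation on.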


    Published In

    CCS '12: Proceedings of the 2012 ACM conference on Computer and communications security
    October 2012
    1088 pages
    ISBN:9781450316514
    DOI:10.1145/2382196
    Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

    Publisher

    Association for Computing Machinery, New York, NY, United States


    Author Tags

    1. https
    2. public-key certificates
    3. public-key infrastructure
    4. security vulnerabilities
    5. ssl
    6. tls

    Conference

    CCS'12: the ACM Conference on Computer and Communications Security
    October 16 - 18, 2012
    Raleigh, North Carolina, USA

    Acceptance Rates

    Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

    Cited By

    • (2024) A Comprehensive Study of Cyber Threats in the Banking Industry. In: Strengthening Industrial Cybersecurity to Protect Business Intelligence, pp. 244-269. DOI 10.4018/979-8-3693-0839-4.ch011. Published 26-Apr-2024.
    • (2024) Security Analysis of Google Authenticator, Microsoft Authenticator, and Authy. In: Digital Forensics and Cyber Crime, pp. 197-206. DOI 10.1007/978-3-031-56583-0_13. Published 3-Apr-2024.
    • (2024) Curveball+: Exploring Curveball-Like Vulnerabilities of Implicit Certificate Validation. In: Computer Security – ESORICS 2023, pp. 212-234. DOI 10.1007/978-3-031-51476-0_11. Published 11-Jan-2024.
    • (2023) Back to school. In: Proceedings of the 32nd USENIX Conference on Security Symposium, pp. 5737-5754. DOI 10.5555/3620237.3620558. Published 9-Aug-2023.
    • (2023) UVSCAN. In: Proceedings of the 32nd USENIX Conference on Security Symposium, pp. 3421-3438. DOI 10.5555/3620237.3620429. Published 9-Aug-2023.
    • (2023) Stale TLS Certificates: Investigating Precarious Third-Party Access to Valid TLS Keys. In: Proceedings of the 2023 ACM on Internet Measurement Conference, pp. 222-235. DOI 10.1145/3618257.3624802. Published 24-Oct-2023.
    • (2023) A First Look into Software Security Practices in Bangladesh. ACM Journal on Computing and Sustainable Societies 1(1), pp. 1-24. DOI 10.1145/3616383. Published 22-Sep-2023.
    • (2023) A Narrative Review of Factors Affecting the Implementation of Privacy and Security Practices in Software Development. ACM Computing Surveys 55(14s), pp. 1-27. DOI 10.1145/3589951. Published 4-Apr-2023.
    • (2023) On the Cryptographic Fragility of the Telegram Ecosystem. In: Proceedings of the 2023 ACM Asia Conference on Computer and Communications Security, pp. 328-341. DOI 10.1145/3579856.3582811. Published 10-Jul-2023.
    • (2023) A Comparative Study on Design and Usability of Cryptographic Libraries. In: Proceedings of the 2023 Australasian Computer Science Week, pp. 102-111. DOI 10.1145/3579375.3579388. Published 30-Jan-2023.
