Story image

What happens when encryption and security certificates go awry?

27 Mar 18

What happens when a compromised certificate is used to conduct malicious activities that result in data loss or a breach? Two researchers at Carnegie Mellon University asked that exact question and found that

Carnegie’s CERT system team software engineer Aaron Reffett and Thomas Scanlon released research this month

They say that in situations where a private key is stolen or lost from a public key infrastructure (PKI) environment, there is potential for compromised end-entity certificates to be abused.

This can result in breaches because anyone who holds a private key can essentially impersonate the intended user.

Reffett and Scanlon argue that losing a private key is essentially the same as losing a password, but unlike passwords, private keys are more difficult to replace and harder to recover from.

On top of that, compromised client-authentication certificates are essentially similar to usernames and passwords because attackers can spoof a trusted service. Attackers can then grab confidential information sent by unwitting victims to that breached service, researchers say.

Private keys and certificates are rarely audited. Certificates may have validity for between one and three years, so attackers may be able to compromise both the key and certificate for a very long time.

Reffett and Scanlon also explain that keys can be lost or stolen in different ways, including system crashes, hacks, and even in cases where people accidentally send their private key instead of the public one in a message.

“Another possibility is that a key might be exposed for some period of time. This case is the digital equivalent of leaving a written secret on a desk in a public area where people walk by and could potentially copy it. Organisations using PKI need to institute and document measures that assure proper custody of private keys,” they explain.

“ A principle that everyone using PKI should adopt is: if you think it's possible that you have lost control of your key, you have effectively lost control of your key. Regardless of whether you know you've lost it, think you've lost it, or don't know whether you've lost it, the actions you should take to mitigate the problem are identical.”

The researchers suggest that organisations need to have a first response plan – typically this would be to revoke the certificate and inform users that the certificate is not valid. This can be done through the online certificate status protocol (OCSP).

The certificate issuer must also do their part to ensure it shares a list of revoked certificates to users.

Researchers explain that most modern web browsers rely on lists of bad certificates at update time.

“When clients update, they receive a new list of blacklisted certificates. It is assumed that the scope of each breach is known and that a discrete set of compromised certificates can be collected. It is also assumed that the certificates will be properly revoked via appropriate channels by the issuing certification authority (CA).”

“Browser makers prefer this scenario to one where each connection is checked, with the consequent performance penalty.”

But researchers say there are problems with this setup.

“It does not protect against the unknown compromised certificate since there is lag time between an event's occurrence and discovery of the event, along with the time it takes to make the changes and push out updates. This lag time represents a window of opportunity to exploit the vulnerability.”

“This scenario also relies on all users keeping updated versions of browsers, which we know not everyone does. Moreover, for a certificate to appear on a blacklist, there must have been some exploit or compromise that has taken place to put it there. As a result, someone paid a price for every certificate that is on the blacklist.”

The researchers explain that there are a number of ways organisations can mitigate problems:

  • Principal mapping
  • Client certificates
  • Add compromised certificates to a system certificate blacklist
  • Updating non-system NSS database stores
  • Application-specific mitigations for TLS/SSL handling
  • Network mitigation such as introducing an SSL-terminating proxy
  • Intrusion prevention systems that conduct deep packet inspections on SSL session handshakes
  • Post-cleanup monitoring
  • Intrusion detection systems
  • Application audit logging.
Symantec releases neural network-integrated USB scanning station
Symantec Industrial Control System Protection Neural helps defend against USB-borne cyber attacks on operational technology.
SingleSource scores R&D grant to explore digital identity over blockchain
Callaghan Innovation has awarded a $318,000 R&D grant to Auckland-based firm SingleSource, a company that applies risk scoring to digital identity.
Ramping up security with next-gen firewalls
The classic firewall lacked the ability to distinguish between different kinds of web traffic.
Spark Lab launches free cybersecurity tool for SMBs
Spark Lab has launched a new tool that it hopes will help New Zealand’s small businesses understand their cybersecurity risks.
Gartner names LogRhythm leader in SIEM solutions
Security teams increasingly need end-to-end SIEM solutions with native options for host- and network-level monitoring.
Cylance makes APIs available in endpoint detection offering
Extensive APIs enable security teams to more efficiently view, enrich, and contextualise real-time intelligence collected at the endpoint to keep systems secure.
SolarWinds adds SDN monitoring support to network management portfolio
SolarWinds announced a broad refresh to its network management portfolio, as well as key enhancements to the Orion Platform. 
JASK prepares for global rollout of their AI-powered ASOC platform
The JASK ASOC platform automates alert investigations, supposedly freeing the SOC analyst to do what machines can’t.