Various attacks and incidents have diminished trust in the TLS public key infrastructure. The major problem is that any certificate authority can issue certificates for any domain. Thus, the weakest link in the system determines the security and trustworthiness of the entire PKI. At Open Systems, we monitor the TLS PKI on a global scale to detect mis-issued certificates and rogue certificate authorities.
Flaws of the Current TLS PKI Ecosystem
Nowadays, browsers and operating systems have certificates preinstalled in their Root Certificate Store. Every certificate in this store acts as a trust anchor for validating certificate chains. Hence, the trust in these root certificates is ultimate.
These root certificates sign the intermediate certificates of the certificate authorities. Certificate authorities use these intermediate certificates to issue leaf certificates for endpoints. A client needs the entire certificate chain to determine the trust status of an endpoint. In addition, clients also consider the validity and revocation status of all certificates.
An attacker only needs to obtain access to a single trusted issuing certificate to issue arbitrary certificates for their own purposes. They are then able to intercept, for example, HTTPS traffic and still present a valid certificate chain to the client. As there are several thousand intermediate certificates in active use, obtaining access to a single intermediate certificate is not unrealistic.
Leverage Open Systems Global View
Open Systems secures the Web traffic of many customers with the Web Proxy service. This enables us to passively collect various information from a large number of HTTPS TLS connections on a global scope. At the moment, we extract the following information on all our Web Proxy services:
- Timestamp: The time of the connection.
- FQDN: The Fully Qualified Domain Name (FQDN) of the connection.
- TLS Version: Which SSL/TLS version was used.
- Cipher: Which cipher was used.
- Validity: If the certificate chain was deemed valid.
- Errors: A list of errors, if there were any during certificate chain validation.
- Chain: A list of fingerprints specifying the certificate chain.
All information is stored locally on every proxy host and eventually reported to a centralized application. There, all TLS connection information is stored in aggregated form for advanced analysis. This enables Open Systems to leverage its global view of the TLS PKI system in order to detect possible attacks and take the required actions. Furthermore, we can also deduce various statistical information about how the TLS PKI system evolves over time.
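The following added example, which is not Open Systems' own code, shows one analysis that aggregated records with the fields listed above make possible: flagging a chain that validates but is issued by an intermediate never seen before for that FQDN. The record layout, the leaf-first chain order, the `min_baseline` threshold and all fingerprints are assumptions constructed for the example.

```python
from collections import defaultdict

# Constructed sample records using the seven fields listed above.
# Fingerprints are shortened placeholders, not real certificate hashes.
def rec(ts, fqdn, chain, valid=True, errors=()):
    return {"timestamp": ts, "fqdn": fqdn, "tls_version": "TLSv1.2",
            "cipher": "ECDHE-RSA-AES128-GCM-SHA256", "valid": valid,
            "errors": list(errors), "chain": chain}

SAMPLE = [
    rec(1, "shop.example", ["leaf-a1", "int-A", "root-1"]),
    rec(2, "shop.example", ["leaf-a1", "int-A", "root-1"]),
    rec(3, "shop.example", ["leaf-a2", "int-A", "root-1"]),  # normal renewal
    rec(4, "mail.example", ["leaf-m1", "int-B", "root-2"]),
    rec(5, "shop.example", ["leaf-x9", "int-Z", "root-3"]),  # new issuer, still valid
    rec(6, "shop.example", ["leaf-s0"], valid=False,
        errors=["self signed certificate"]),
]

def find_issuer_changes(records, min_baseline=3):
    """Flag valid chains whose issuing certificate was never seen for that FQDN.

    Hypothetical heuristic: the issuer is chain[1] (leaf-first order assumed);
    an FQDN needs at least min_baseline earlier valid observations before a
    change is reported, so first sightings do not raise alerts.
    """
    seen_issuers = defaultdict(set)  # fqdn -> issuer fingerprints seen so far
    seen_count = defaultdict(int)    # fqdn -> number of valid observations
    alerts = []
    for r in sorted(records, key=lambda r: r["timestamp"]):
        # Invalid chains are already rejected by the client; the risk described
        # in the article is a chain that validates but comes from another CA.
        if not r["valid"] or len(r["chain"]) < 2:
            continue
        fqdn, issuer = r["fqdn"], r["chain"][1]
        if seen_count[fqdn] >= min_baseline and issuer not in seen_issuers[fqdn]:
            alerts.append({"fqdn": fqdn, "timestamp": r["timestamp"],
                           "new_issuer": issuer,
                           "known_issuers": sorted(seen_issuers[fqdn])})
        seen_issuers[fqdn].add(issuer)
        seen_count[fqdn] += 1
    return alerts

if __name__ == "__main__":
    for alert in find_issuer_changes(SAMPLE):
        print(alert)
```

An alert from this heuristic is a prompt for review, since a legitimate change of certificate authority produces the same signal.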
In future articles, we will present deeper insights into our findings and the operational benefit this TLS observatory offers us and our customers.
This system has been engineered to collect the information required for a master's thesis in cooperation with ETH Zurich. The resulting thesis of Fabian Zeindler can be found here: Passive Collection and Analysis of SSL/TLS Connections and Certificates