
HTTPS Interception Weakens TLS Security


Batu69


Systems Affected

All systems behind a hypertext transfer protocol secure (HTTPS) interception product are potentially affected.

Overview

Many organizations use HTTPS interception products for several purposes, including detecting malware that uses HTTPS connections to malicious servers. The CERT Coordination Center (CERT/CC) explored the tradeoffs of using HTTPS interception in a blog post called The Risks of SSL Inspection.

Organizations that have performed a risk assessment and determined that HTTPS inspection is a requirement should ensure their HTTPS inspection products are performing correct transport layer security (TLS) certificate validation. Products that do not properly ensure secure TLS communications and do not convey error messages to the user may further weaken the end-to-end protections that HTTPS aims to provide.

Description

TLS and its predecessor, Secure Sockets Layer (SSL), are important Internet protocols that encrypt communications over the Internet between the client and server. These protocols (and protocols that make use of TLS and SSL, such as HTTPS) use certificates to establish an identity chain showing that the connection is with a legitimate server verified by a trusted third-party certificate authority.

HTTPS inspection works by intercepting the HTTPS network traffic and performing a man-in-the-middle (MiTM) attack on the connection. In MiTM attacks, sensitive client data can be transmitted to a malicious party spoofing the intended server. In order to perform HTTPS inspection without presenting client warnings, administrators must install trusted certificates on client devices. Browsers and other client applications use this certificate to validate encrypted connections created by the HTTPS inspection product.

In addition to the problem of not being able to verify a web server’s certificate, the protocols and ciphers that an HTTPS inspection product negotiates with web servers may also be invisible to a client. The problem with this architecture is that the client systems have no way of independently validating the HTTPS connection. The client can only verify the connection between itself and the HTTPS interception product. Clients must rely on the HTTPS validation performed by the HTTPS interception product.

A recent report, The Security Impact of HTTPS Interception, highlighted several security concerns with HTTPS inspection products and outlined survey results of these issues. Many HTTPS inspection products do not properly verify the certificate chain of the server before re-encrypting and forwarding client data, allowing the possibility of a MiTM attack. Furthermore, certificate-chain verification errors are infrequently forwarded to the client, leading a client to believe that operations were performed as intended with the correct server.

This report provided a method to allow servers to detect clients that are having their traffic manipulated by HTTPS inspection products. The website badssl.com is a resource where clients can verify whether their HTTPS inspection products are properly verifying certificate chains. Clients can also use this site to verify whether their HTTPS inspection products are enabling connections to websites that a browser or other client would otherwise reject.

For example, an HTTPS inspection product may allow deprecated protocol versions or weak ciphers to be used between itself and a web server. Because client systems may connect to the HTTPS inspection product using strong cryptography, the user will be unaware of any weakness on the other side of the HTTPS inspection.

Impact

Because the HTTPS inspection product manages the protocols, ciphers, and certificate chain, the product must perform the necessary HTTPS validations. Failure to perform proper validation or adequately convey the validation status increases the probability that the client will fall victim to MiTM attacks by malicious third parties.

Solution

Organizations using an HTTPS inspection product should verify that their product properly validates certificate chains and passes any warnings or errors to the client. A partial list of products that may be affected is available at The Risks of SSL Inspection. Organizations may use badssl.com as a method of determining if their preferred HTTPS inspection product properly validates certificates and prevents connections to sites using weak cryptography.

At a minimum, if any of the tests in the Certificate section of badssl.com prevent a client with direct Internet access from connecting, those same clients should also refuse the connection when connected to the Internet by way of an HTTPS inspection product.

In general, organizations considering the use of HTTPS inspection should carefully consider the pros and cons of such products before implementing. Organizations should also take other steps to secure end-to-end communications, as presented in US-CERT Alert TA15-120A.


In an advisory sent to enterprises across the US, the Department of Homeland Security’s US-CERT group is warning that security products which perform HTTPS interception might weaken a company's overall security.

HTTPS inspection is a method where security products set up a man-in-the-middle proxy for HTTPS traffic. The proxy stands between the client and the remote server and intercepts HTTPS traffic, inspecting it for malware, and rebuilding the connection.

The issue comes from the fact that many security products, such as firewalls or antivirus products, fail to reconstruct the SSL connections to the same standards clients and servers negotiated.

"Many HTTPS inspection products do not properly verify the certificate chain of the server before re-encrypting and forwarding client data, allowing the possibility of a MiTM attack," US-CERT wrote in its advisory. "Furthermore, certificate-chain verification errors are infrequently forwarded to the client, leading a client to believe that operations were performed as intended with the correct server."

Research paper triggered CERT warning

The CERT advisory came after a group of security experts published a research paper at the start of the month titled "The Security Impact of HTTPS Interception."

The research team, made up of experts from Google, Mozilla, Cloudflare, and the University of Michigan, showed that around 62% of the HTTPS connections they've studied featured "reduced security," while 58% contained "severe vulnerabilities."

"We investigated popular antivirus and corporate proxies, finding that nearly all reduce connection security and that many introduce vulnerabilities (e.g., fail to validate certificates)," the researchers concluded in their paper.

"While the security community has long known that security products intercept connections, we have largely ignored the issue, believing that only a small fraction of connections are affected. However, we find that interception has become startlingly widespread and with worrying consequences."

Will Dormann, a vulnerability analyst for US-CERT, has also published a blog post detailing the dangers of improper HTTPS interception, and highlighted possible issues such as:

    Incomplete validation of upstream certificate validity
    Not conveying validation of upstream certificate to the client
    Overloading of certificate Canonical Name (CN) field
    Use of the application layer to convey certificate validity
    Use of a User-Agent HTTP header to determine when to validate a certificate
    Communication before warning
    Same root CA certificate

Companies that want to test if their HTTPS inspection tools weaken HTTPS security can do so by using the BadSSL service.

Dormann also published a list of security products that perform HTTPS interception and may be possibly affected.

    A10 vThunder
    Arbor Networks Pravail
    Barracuda Web Filter
    BASCOM School Web Filter
    Bloxx Web Filter
    Blue Coat SSL Visibility Appliance
    Check Point Data Loss Prevention (DLP), Anti Virus, Anti-Bot, Application Control, URL Filtering, Threat Emulation and IPS.
    Cisco ScanCenter
    Citrix NetScaler AppFirewall
    Clearswift SECURE Web Gateway
    ContentKeeper
    Cymphonix Internet Management Suite
    Dell SonicWALL
    EdgeWave iPrism Web Security
    ESET Smart Security
    F5 BIG-IP
    Fortinet FortiGate
    Fidelis Security XPS
    Finjan Vital Security
    GFI WebMonitor
    GigaMon GigaSmart
    IBM Security Network Protection
    iboss Web Security
    iSHERIFF Cloud Security
    Juniper IDP devices
    Kaspersky Anti-Virus
    Komodia SSL Decoder
    M86 Secure Web Gateway
    McAfee Web Gateway and Firewall Enterprise
    Microsoft Forefront TMG
    NetNanny
    NextGig Netronome
    Optenet WebFilter
    Palo Alto PAN-OS
    Panda Cloud Internet Protection
    PrivDog
    Radware AppXcel
    SafeNet eSafe Web Security Gateway
    Sangfor IAM
    Smoothwall Secure Web Gateway
    Sophos Cyberoam
    Sourcefire SSL Appliance
    Squid
    Symantec Web Gateway
    Thomason Technologies Next Gen IPS
    Trend Micro Deep Security
    Trustwave WebMarshal, Secure Web Gateway
    Untangle NG Firewall
    Venafi TrustAuthority
    VSS Monitoring vInspector
    WatchGuard HTTPS Proxy
    Wavecrest CyBlock
    WebSense Content Gateway
    WebTitan
    Qbik WinGate
    WolfSSL SSL Inspection
    Zscaler
    ZyXel Firewall

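As an added example for this thread (not code from US-CERT, CERT/CC, the article, or the paper's authors), the following Python script runs the minimum check the advisory describes: hosts from badssl.com's Certificate and Ciphers sections that a directly connected client refuses must also be refused when the same client goes through the inspection product. It also repeats one probe with a browser-like and a non-browser User-Agent, which is the quickest way to catch the "User-Agent" issue in Dormann's list, and records which leaf certificates were issued by the inspection CA, which shows where interception actually took place. The badssl.com hostnames are assumed to be the ones the site serves at the time of writing, and PROXY and INSPECTION_CA_CN are placeholders for your own deployment.

```python
"""badssl.com self-check for an HTTPS inspection product.

Added example for this thread, not code from US-CERT, CERT/CC or the paper.
Assumptions: the badssl.com hostnames below are the ones the site serves at
time of writing; PROXY and INSPECTION_CA_CN are placeholders for your own
deployment (an explicit proxy is assumed; set PROXY = None for transparent
interception and run from an inspected and an uninspected network instead).
"""
import http.client
import ssl

# Hosts a correctly validating client must refuse (badssl.com Certificate and
# Ciphers sections; assumed names, check the site for the current list).
EXPECT_REJECT = [
    "expired.badssl.com", "wrong.host.badssl.com", "self-signed.badssl.com",
    "untrusted-root.badssl.com", "rc4.badssl.com", "dh480.badssl.com",
    "null.badssl.com",
]
CONTROL_HOST = "badssl.com"                 # must succeed on both paths
PROXY = ("proxy.corp.example", 8080)        # assumption: explicit proxy host, port
INSPECTION_CA_CN = "Corp Inspection CA"     # assumption: CN of the CA pushed to clients
BROWSER_UA = "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:52.0) Gecko/20100101 Firefox/52.0"
PLAIN_UA = "curl/7.52.1"


def issuer_cn(cert):
    """Issuer commonName from an ssl.SSLSocket.getpeercert() dict, or None."""
    for rdn in cert.get("issuer", ()):
        for key, value in rdn:
            if key == "commonName":
                return value
    return None


def probe(host, proxy=None, user_agent=PLAIN_UA, timeout=10):
    """One TLS handshake plus a HEAD request; returns what the client can see."""
    ctx = ssl.create_default_context()  # system store, incl. any installed inspection CA
    try:
        if proxy:
            conn = http.client.HTTPSConnection(proxy[0], proxy[1], context=ctx, timeout=timeout)
            conn.set_tunnel(host, 443)
        else:
            conn = http.client.HTTPSConnection(host, 443, context=ctx, timeout=timeout)
        conn.connect()  # CONNECT through the proxy if any, then the TLS handshake
        sock = conn.sock  # read before the request; a Connection: close reply would drop it
        seen = {"ok": True, "version": sock.version(), "cipher": sock.cipher()[0],
                "issuer": issuer_cn(sock.getpeercert())}
        conn.request("HEAD", "/", headers={"User-Agent": user_agent})
        seen["status"] = conn.getresponse().status
        conn.close()
        return seen
    except (OSError, http.client.HTTPException) as exc:  # ssl.SSLError is an OSError
        return {"ok": False, "error": "%s: %s" % (type(exc).__name__, exc)}


def audit(direct, inspected, expect_reject=EXPECT_REJECT):
    """Return (host, reason) findings. The advisory's pass condition is that
    every host the direct client refuses is refused through the product too;
    a direct client that accepts one is reported as well, because it cannot
    serve as the baseline."""
    findings = []
    for host in expect_reject:
        if direct[host]["ok"]:
            findings.append((host, "direct client accepted a site it should reject"))
        elif inspected[host]["ok"]:
            findings.append((host, "inspection product allowed a connection the client would refuse"))
    return findings


def resigned_hosts(inspected, ca_cn=INSPECTION_CA_CN):
    """Hosts whose leaf certificate was issued by the inspection CA, i.e. were intercepted."""
    return sorted(h for h, r in inspected.items() if r["ok"] and r.get("issuer") == ca_cn)


def ua_dependent(results_by_ua):
    """True when the same host's outcome changes with the User-Agent header alone."""
    return len({r["ok"] for r in results_by_ua.values()}) > 1


if __name__ == "__main__":
    hosts = EXPECT_REJECT + [CONTROL_HOST]
    direct = {h: probe(h) for h in hosts}
    inspected = {h: probe(h, PROXY) for h in hosts}
    if not (direct[CONTROL_HOST]["ok"] and inspected[CONTROL_HOST]["ok"]):
        raise SystemExit("control host failed on one path; the comparison would be meaningless")
    for host, reason in audit(direct, inspected):
        print("FAIL", host, "-", reason)
    print("re-signed by", INSPECTION_CA_CN + ":", resigned_hosts(inspected))
    leg = inspected[CONTROL_HOST]  # strong here says nothing about the proxy-to-server leg
    print("client-to-proxy leg:", leg["version"], leg["cipher"])
    by_ua = {ua: probe("expired.badssl.com", PROXY, ua) for ua in (BROWSER_UA, PLAIN_UA)}
    print("validation depends on User-Agent:", ua_dependent(by_ua))
```

The only outcome that counts as a pass is the client refusing the same hosts on both paths; a product that merely downgrades the error to a warning page still shows up as `ok` with an HTTP status, which is exactly the "communication before warning" behaviour the list above describes. The version and cipher printed for the client-to-proxy leg are what a user would see in the browser padlock, and they say nothing about what the product negotiated with the real server.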