TLS in the Wild: An Internet-wide Analysis of TLS-based Protocols for Electronic Communication

The majority of electronic communication today happens either via email or chat. Thanks to the use of standardised protocols electronic mail (SMTP, IMAP, POP3) and instant chat (XMPP, IRC) servers can be deployed in a decentralised but interoperable fashion. These protocols can be secured by providing encryption with the use of TLS---directly or via the STARTTLS extension---and leverage X.509 PKIs or ad hoc methods to authenticate communication peers. However, many combination of these mechanisms lead to insecure deployments. We present the largest study to date that investigates the security of the email and chat infrastructures. We used active Internet-wide scans to determine the amount of secure service deployments, and passive monitoring to investigate if user agents actually use this opportunity to secure their communications. We addressed both the client-to-server interactions as well as server-to-server forwarding mechanisms that these protocols offer, and the use of encryption and authentication methods in the process. Our findings shed light on an insofar unexplored area of the Internet. The truly frightening result is that most of our communication is poorly secured in transit.

[1]  Richard Hartmann Default Port for Internet Relay Chat (IRC) via TLS/SSL , 2014, RFC.

[2]  Ramesh Govindan,et al.  Census and survey of the visible internet , 2008, IMC '08.

[3]  Mark R. Crispin Internet Message Access Protocol - Version 4rev1 , 1996, RFC.

[4]  Dmitri Loguinov,et al.  Demystifying service discovery: implementing an internet-wide scanner , 2010, IMC '10.

[5]  Peter Saint-Andre,et al.  Extensible Messaging and Presence Protocol (XMPP): Instant Messaging and Presence , 2004, RFC.

[6]  J. Alex Halderman,et al.  Analysis of the HTTPS certificate ecosystem , 2013, Internet Measurement Conference.

[7]  Hannes Tschofenig,et al.  Online Certificate Status Protocol (OCSP) Extensions to IKEv2 , 2007, RFC.

[8]  Peter Saint-Andre Extensible Messaging and Presence Protocol (XMPP): Core , 2011, RFC.

[9]  John C. Klensin,et al.  IMAP/POP AUTHorize Extension for Simple Challenge/Response , 1997, RFC.

[10]  Vern Paxson,et al.  Bro: a system for detecting network intruders in real-time , 1998, Comput. Networks.

[11]  Alexey Melnikov,et al.  Salted Challenge Response Authentication Mechanism (SCRAM) SASL and GSS-API Mechanisms , 2010, RFC.

[12]  Eric Wustrow,et al.  Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices , 2012, USENIX Security Symposium.

[13]  Stefan Savage,et al.  Security by Any Other Name: On the Effectiveness of Provider Based Email Security , 2015, CCS.

[14]  Julien Freudiger,et al.  The Inconvenient Truth about Web Certificates , 2011, WEIS.

[15]  Alan O. Freier,et al.  Internet Engineering Task Force (ietf) the Secure Sockets Layer (ssl) Protocol Version 3.0 , 2022 .

[16]  Peter Saint-Andre,et al.  Recommendations for Secure Use of Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) , 2015, RFC.

[17]  John G. Myers SMTP Service Extension for Authentication , 1999, RFC.

[18]  Paul E. Hoffman,et al.  SMTP Service Extension for Secure SMTP over Transport Layer Security , 2002, RFC.

[19]  Jarkko Oikarinen,et al.  Internet Relay Chat Protocol , 1993, RFC.

[20]  Peter Saint-Andre,et al.  Extensible Messaging and Presence Protocol (XMPP): Instant Messaging and Presence , 2004, RFC.

[21]  Robin Sommer,et al.  Here's my cert, so trust me, maybe?: understanding TLS errors on the web , 2013, WWW.

[22]  Niels Provos,et al.  ScanSSH: Scanning the Internet for SSH Servers , 2001, LISA.

[23]  Marshall T. Rose,et al.  Post Office Protocol - Version 3 , 1988, RFC.

[24]  J. Alex Halderman,et al.  A Search Engine Backed by Internet-Wide Scanning , 2015, CCS.

[25]  Vern Paxson,et al.  The Matter of Heartbleed , 2014, Internet Measurement Conference.

[26]  Georg Carle,et al.  The SSL landscape: a thorough analysis of the x.509 PKI using active and passive measurements , 2011, IMC '11.

[27]  Peter Saint-Andre,et al.  Summarizing Known Attacks on Transport Layer Security (TLS) and Datagram TLS (DTLS) , 2015, RFC.

[28]  Chris Newman,et al.  Using TLS with IMAP, POP3 and ACAP , 1999, RFC.

[29]  Eric Wustrow,et al.  ZMap: Fast Internet-wide Scanning and Its Security Applications , 2013, USENIX Security Symposium.

[30]  Ralph Holz,et al.  Empirical analysis of Public Key Infrastructures and Investigation of Improvements , 2014 .

[31]  Marshall T. Rose,et al.  Post Office Protocol: Version 3 , 1988, RFC.

[32]  Paul E. Hoffman SMTP Service Extension for Secure SMTP over TLS , 1999, RFC.

[33]  Wes Hardaker,et al.  SMTP Security via Opportunistic DNS-Based Authentication of Named Entities (DANE) Transport Layer Security (TLS) , 2015, RFC.

[34]  Randall Gellens,et al.  Message Submission , 1998, RFC.

[35]  Robin Sommer,et al.  No attack necessary: the surprising dynamics of SSL trust relationships , 2013, ACSAC.

[36]  Peter Saint-Andre,et al.  Use of Transport Layer Security (TLS) in the Extensible Messaging and Presence Protocol (XMPP) , 2015, RFC.

[37]  Georg Carle,et al.  Investigating the Nature of Routing Anomalies: Closing in on Subprefix Hijacking Attacks , 2015, TMA.

[38]  John C. Klensin,et al.  Simple Mail Transfer Protocol , 2001, RFC.

[39]  Paul E. Hoffman,et al.  The DNS-Based Authentication of Named Entities (DANE) Transport Layer Security (TLS) Protocol: TLSA , 2012, RFC.

[40]  Christophe Kalt,et al.  Internet Relay Chat: Server Protocol , 2000, RFC.

[41]  Mark R. Crispin,et al.  Internet Message Access Protocol - Version 4 , 1994, RFC.

[42]  Kurt D. Zeilenga,et al.  The PLAIN Simple Authentication and Security Layer (SASL) Mechanism , 2006, RFC.

[43]  J. Alex Halderman,et al.  Neither Snow Nor Rain Nor MITM...: An Empirical Analysis of Email Delivery Security , 2015, Internet Measurement Conference.

[44]  Georg Carle,et al.  A deeper understanding of SSH: Results from Internet-wide scans , 2014, 2014 IEEE Network Operations and Management Symposium (NOMS).

[45]  Randall Gellens,et al.  Message Submission for Mail , 2006, RFC.

[46]  Dan Boneh,et al.  An Experimental Study of TLS Forward Secrecy Deployments , 2014, IEEE Internet Computing.

[47]  Andrei Popov,et al.  Prohibiting RC4 Cipher Suites , 2015, RFC.