Notary-Assisted Certificate Pinning for Improved Security of Android Apps

The security provided to Internet applications by the TLS protocol relies on the trust we put on Certificate Authorities (CAs) issuing valid identity certificates. TLS certificate pinning is a proposed approach to defend against man-in-the-middle (MitM) attacks that are realized using valid albeit fraudulent certificates. Yet, the implementation of certificate pinning for mobile applications, and especially for Google Android apps, is cumbersome and error-prone, resulting in inappropriate connection handling and privacy leaks of user information. We propose the use of TLS notary-assisted certificate pinning at the Android Runtime level. Our approach defends against a wide range of MitM attacks without needing to update the application using TLS. Furthermore, by relying on the collective knowledge of the trusted TLS notaries, we increase both the security and the usability, while at the same time we remove the burden for the user making trust decisions about system security issues. We describe a proof-of-concept implementation demonstrating its capabilities and discuss the next steps necessary towards general availability of our solution.

[1]  Narseo Vallina-Rodriguez,et al.  A Tangled Mass: The Android Root Certificate Stores , 2014, CoNEXT.

[2]  Peter Kieseberg,et al.  Trust me, I'm a Root CA! Analyzing SSL Root CAs in Modern Browsers and Operating Systems , 2015, 2015 10th International Conference on Availability, Reliability and Security.

[3]  Hannes Federrath,et al.  Laribus: privacy-preserving detection of fake SSL certificates with a social P2P notary network , 2013, 2013 International Conference on Availability, Reliability and Security.

[4]  Edgar R. Weippl,et al.  Whom You Gonna Trust? A Longitudinal Study on TLS Notary Services , 2016, DBSec.

[5]  Artemios G. Voyiatzis,et al.  When Security Meets Usability: A User-Centric Approach on a Crossroads Priority Problem , 2010, 2010 14th Panhellenic Conference on Informatics.

[6]  Kevin R. B. Butler,et al.  Forced Perspectives: Evaluating an SSL Trust Enhancement at Scale , 2014, Internet Measurement Conference.

[7]  Eric Rescorla,et al.  The Transport Layer Security (TLS) Protocol Version 1.3 , 2018, RFC.

[8]  Edgar R. Weippl,et al.  Browser History Stealing with Captive Wi-Fi Portals , 2016, 2016 IEEE Security and Privacy Workshops (SPW).

[9]  Edgar R. Weippl,et al.  Pin it! Improving Android network security at runtime , 2016, 2016 IFIP Networking Conference (IFIP Networking) and Workshops.

[10]  Matthew Smith,et al.  Rethinking SSL development in an appified world , 2013, CCS.

[11]  Eric Rescorla,et al.  The Transport Layer Security (TLS) Protocol Version 1.1 , 2006, RFC.

[12]  Bernd Freisleben,et al.  Why eve and mallory love android: an analysis of android SSL (in)security , 2012, CCS.

[13]  Edgar R. Weippl,et al.  Network Security Challenges in Android Applications , 2015, 2015 10th International Conference on Availability, Reliability and Security.