Elaphurus: Ensemble Defense Against Fraudulent Certificates in TLS

Recent security incidents indicate that certificate authorities (CAs) might be compromised to sign certificates containing fraudulent information. Such fraudulent certificates are exploited to launch successful TLS man-in-the-middle (MitM) attacks, even when TLS clients strictly verify the server certificates. Various security-enhanced certificate verification schemes have been proposed to defend against fraudulent certificates, such as Pinning, CAge, CT, DANE, and DoubleCheck. However, none of these schemes solves the problem completely, which hinders their wide deployment. This paper analyzes these schemes in terms of security, usability, and performance. Based on the analysis, we propose Elaphurus, an integrated security-enhanced certificate verification scheme on the TLS client side. Elaphurus is built on top of Pinning and integrates the other schemes to eliminate their individual disadvantages and improve overall security and usability. We implement a prototype system with OpenSSL. Experimental results show that it introduces a reasonable overhead while effectively enhancing the security of certificate verification.
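The abstract describes a client-side verifier that keeps Pinning as its base and uses other schemes to cover the cases pinning alone handles badly (first contact, and legitimate key rotation that looks identical to a MitM). The following Python sketch is an added illustration of that ensemble idea; it is not the paper's Elaphurus design or OpenSSL prototype. The `Certificate` record, the CAge-style `ca_scopes` map, the DANE-style `tlsa` map, and all host names and key bytes are constructed stand-ins, and the decision policy in `verify` is this example's own choice.

```python
import base64
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class Certificate:
    """Constructed stand-in for a parsed X.509 leaf certificate (hypothetical, not real DER)."""
    subject: str   # host name the certificate claims
    issuer: str    # name of the issuing CA
    spki: bytes    # SubjectPublicKeyInfo bytes; pins are computed over these


def spki_pin(cert: Certificate) -> str:
    """Pin in the common form base64(SHA-256(SubjectPublicKeyInfo))."""
    return base64.b64encode(hashlib.sha256(cert.spki).digest()).decode()


class EnsembleVerifier:
    """Pinning as the base check, with a CAge-style CA scope map and a DANE-style
    TLSA lookup used to corroborate decisions pinning alone cannot make safely."""

    def __init__(self, ca_scopes: dict, tlsa: dict):
        self.pins: dict = {}        # host -> set of accepted SPKI pins
        self.ca_scopes = ca_scopes  # CA -> domains/suffixes it has been observed issuing for
        self.tlsa = tlsa            # host -> pin published in (assumed DNSSEC-validated) TLSA data

    def pin_status(self, cert: Certificate) -> str:
        known = self.pins.get(cert.subject)
        if known is None:
            return "unknown"
        return "ok" if spki_pin(cert) in known else "mismatch"

    def ca_in_scope(self, cert: Certificate):
        scope = self.ca_scopes.get(cert.issuer)
        if scope is None:
            return None  # CA never observed before: no opinion
        return any(cert.subject == s or cert.subject.endswith("." + s) for s in scope)

    def dane_matches(self, cert: Certificate):
        published = self.tlsa.get(cert.subject)
        if published is None:
            return None  # no TLSA record: no opinion
        return published == spki_pin(cert)

    def verify(self, cert: Certificate):
        """Return (accepted, reason). A pin is learned only when the other checks agree."""
        pin = self.pin_status(cert)
        dane = self.dane_matches(cert)
        if pin == "ok":
            return True, "pin matched"
        if pin == "mismatch":
            # A changed key is either rotation or a MitM; accept only with DANE corroboration.
            if dane:
                self.pins[cert.subject].add(spki_pin(cert))
                return True, "key rotation corroborated by TLSA record"
            return False, "pinned key changed without corroboration"
        # First contact: refuse to learn a pin that a CA-scope or DANE check already contradicts.
        if dane is False:
            return False, "TLSA record contradicts presented key"
        scope_ok = self.ca_in_scope(cert)
        if scope_ok is False:
            return False, f"CA {cert.issuer} never issues for {cert.subject}"
        if scope_ok is None and not dane:
            return False, "unknown CA and no TLSA corroboration"
        self.pins.setdefault(cert.subject, set()).add(spki_pin(cert))
        return True, "pin learned on first use"


def demo():
    """Run constructed scenarios through the verifier; returns the list of decisions."""
    scopes = {"ExampleCA": {"example.com"}, "OtherCA": {"example.net"}}
    tlsa = {}
    v = EnsembleVerifier(scopes, tlsa)
    good = Certificate("www.example.com", "ExampleCA", b"key-A")
    forged = Certificate("www.example.com", "ExampleCA", b"key-Z")       # same host, different key
    out_of_scope = Certificate("shop.example.com", "OtherCA", b"key-B")  # CA never seen for this domain
    rogue = Certificate("shop.example.com", "RogueCA", b"key-C")         # CA never observed at all
    mail_v1 = Certificate("mail.example.com", "ExampleCA", b"key-M1")
    mail_v2 = Certificate("mail.example.com", "ExampleCA", b"key-M2")
    results = [v.verify(good), v.verify(good), v.verify(forged),
               v.verify(out_of_scope), v.verify(rogue), v.verify(mail_v1)]
    tlsa["mail.example.com"] = spki_pin(mail_v2)  # operator publishes the rotated key in DNS
    results.append(v.verify(mail_v2))
    return results


if __name__ == "__main__":
    for accepted, reason in demo():
        print("ACCEPT" if accepted else "REJECT", "-", reason)
```

The policy encodes the trade-off the abstract points at: pinning gives a hard failure on a changed key, CAge narrows what an unfamiliar CA may vouch for, and a DANE record is the one input allowed to override a pin, so a compromised CA on its own cannot satisfy the ensemble.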
