Affiliation:
1. ATHENE & TU Darmstadt & Fraunhofer SIT, Darmstadt, Germany
2. ATHENE & Goethe-Universität Frankfurt & Fraunhofer SIT, Frankfurt, Germany
Abstract
The TLS ecosystem depends on certificates to bootstrap secure connections. Certificate Authorities (CAs) are trusted to issue these correctly. However, as a result of security breaches or attacks, certificates may be issued fraudulently and need to be revoked prematurely.
Revocation, as a reactive measure, is fundamentally damage control and, as such, time is critical. Therefore, measuring reaction delay is the first step to identifying how well the revocation system functions.
In this paper we attempt to characterize the current performance of the WebPKI in dealing with fraudulent certificates. We present measurements of each step in the revocation process: the detection of certificate issuance through Certificate Transparency (CT) monitoring, the administrative revocation process at popular CAs, and the revocation checking behavior of end-user clients, both in a controlled virtualized environment and in the wild. We perform two live measurements, in 2022 and 2023, respectively, to provide a longitudinal comparison.
We find that detection and revocation of fraudulent certificates is quick and efficient when leveraging CT and can be completed within 6.5 hours on average. Furthermore, CT is being increasingly enforced by some browsers. However, ∼83% of the clients we observed, across popular browsers, brands and OSes, completely disregard a certificate's status, whileall of the studied browsers still display soft-fail behavior, making them vulnerable to attackers capable of interfering with the network. Of the clients that do check revocation, we find that 35% can be made to accept a revoked certificate through the use of OCSP Stapling. We expect this number to grow with client-side adoption of OCSP Stapling [RFC6961]. Current OCSP expiration times allow a revoked certificate to remain fully valid for up to 7 days for the majority of CAs, exposing clients to attacks.
Publisher
Association for Computing Machinery (ACM)
Reference36 articles.
1. Apple. 2017. Your Apps and Evolving Network Security Standards. https://developer.apple.com/videos/play/wwdc2017/701/ Apple. 2017. Your Apps and Evolving Network Security Standards. https://developer.apple.com/videos/play/wwdc2017/701/
2. Apple. 2021a. Apple Platform Security: Certificate validity checking. https://support.apple.com/guide/security/tls-security-sec100a75d12/1/web/1 Apple. 2021a. Apple Platform Security: Certificate validity checking. https://support.apple.com/guide/security/tls-security-sec100a75d12/1/web/1
3. Apple. 2021b. Log List. https://valid.apple.com/ct/log_list/current_log_list.json Apple. 2021b. Log List. https://valid.apple.com/ct/log_list/current_log_list.json
4. R. Barnes J. Hoffman-Andrews D. McCarney and J. Kasten. 2019. Automatic Certificate Management Environment (ACME). RFC 8555. RFC Editor. R. Barnes J. Hoffman-Andrews D. McCarney and J. Kasten. 2019. Automatic Certificate Management Environment (ACME). RFC 8555. RFC Editor.
5. Henry Birge-Lee , Yixin Sun , Anne Edmundson , Jennifer Rexford , and Prateek Mittal . 2018 . Bamboozling Certificate Authorities with BGP . In Proc. 27th USENIX Security Symposium (USENIX Security 18) (2018), 833 -- 849. Henry Birge-Lee, Yixin Sun, Anne Edmundson, Jennifer Rexford, and Prateek Mittal. 2018. Bamboozling Certificate Authorities with BGP. In Proc. 27th USENIX Security Symposium (USENIX Security 18) (2018), 833 -- 849.
Cited by
2 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献