[Cryptography] TLS proxies popped
Henry Baker
hbaker1 at pipeline.com
Thu May 5 11:32:34 EDT 2016
http://users.encs.concordia.ca/~mmannan/publications/ssl-interception-ndss2016.pdf
http://www.theregister.co.uk/2016/05/05/tls_proxies_are_insecure/
TLS proxies: insecure by design say boffins
5 May 2016 at 07:15, Richard Chirgwin
Have you ever suspected filters that decrypt traffic of being insecure? Canadian boffins agree with you, saying TLS proxies commonly deployed in both business and home networks for traffic inspection open up cans of worms.
In their tests, "not a single TLS proxy implementation is secure with respect to all of our tests, sometimes leading to trivial server impersonation under an active man-in-the-middle attack, as soon as the product is installed on a system," write Xavier de Carné de Carnavalet and Mohammad Mannan of the Concordia Institute of Systems Engineering in Montrea.
The trio's paper (PDF) goes on to say that users could be exposed to man-in-the-middle attacks or other CA-based impersonations.
We found that four products are vulnerable to full server impersonation under an active man-in-the-middle (MITM) attack out-of-the-box, and two more if TLS filtering is enabled. Several of these tools also mislead browsers into believing that a TLS connection is more secure than it actually is, by e.g., artificially upgrading a servers TLS version at the client.
There's also the matter of how products protect their root certificates' private key. It's not pretty, as the table ... shows.
More information about the cryptography
mailing list