[关闭]
@1qaz 2016-10-13T03:59:53.000000Z 字数 1432 阅读 741

TLS Proxies: Friend or Foe?

proxy


Mark O’Neill , Daniel Zappala
Brigham Young University
IMC'16 short paper [CCS'14 poster]

为了检测TLS代理的流行程度和使用方式,作者进行了15.2 million次证书测试,发现1/250的连接是被代理的。从被代理的连接中发现了疏忽的、不一致的、可疑的行为.

SP'14 analyz forged cert in the wild, facebook,1/500
CoNEXT'14 tangled mass:android root cert store,Netalyzer,1/15000

//Facebook 在白名单中,不出名的网站不太可能在白名单中

Main contribution

主要方法:deploy Flash app on endpoint via Google AdWords
两次测量:
1. 142 countries,2.9 million tests, author's own server
2. 5 contries(China, Ukraine etc) proxied in 147 countries, 12.3 million tests,Alexa top million + author's server

basic findings:
* test1中被代理的连接 11,764/2.9 million ,1/250,70%宣称证书由firewall颁发,12%由企业颁发
* test2, 50,761/12.3 million
* 代理率在国家间差别较大
* 一款家长控制软件不验证证书,直接替换;8个malware 通过安装根证书插入广告。Null issuer,伪造CA签名,降低公钥长度

background略

工具

流程:
1. 客户端浏览器从服务器获取Flash app
2. Flash向服务器发起TLS握手,记录ServerHello和证书信息
3. 汇报结果。服务端比较证书,不符表明有代理

测试

test1, 2014.1.6 - 2014.1.30,author's server
keyword:sports,security,freedom,smart phone,entertainment

代理是否有选择性?(黑白名单)
test2,2014.10.8-2014.10.15,
Popluar + Business + Porn + Author's

分析

签发者
1
2

Malware issuer: "Sendori, Inc", "Web-MakerPlus Ltd", and "IopFailZeroAccessCreate"

不验证合法性: Kurupira , replace untrusted certicate
with a signed trusted one

降级:2048bits, 5951(50%)被修改的证书为1024,21个为512
23(0.2%) MD5,0.06% 2432 bits

伪造签名:49(0.42%) claim signed by DigiCert. Original cert is signed by DigiCert High Assurance CA-3. just copy the field

修改subject: 51(0.43%)

Mitigation

增强证书校验安全性的方法
* multi-path probing:Convergence
* shared password: TLS-SRP
* DNS: DANE
* Cert Pinning
* Cert transparency

添加新批注
在作者公开此批注前,只有你和作者可见。
回复批注