Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Privacy

Certificate Transparency: Small Town Gossip Can Save Web Users’ Privacy

Certificate Transparency Gives Hope That Trust in PKI and SSL Will be Redeemed…

Certificate Transparency Gives Hope That Trust in PKI and SSL Will be Redeemed…

SSL is the cryptographic protocol that enables secure communication over the Internet. One of SSL’s key features is protecting users from attackers that impersonate popular web services. Establishing that trust between the user and the web server is essential for enabling confidential communication which is the cornerstone of many Web applications, such as e-commerce sites, web banking services and webmail. In order to build that trust, SSL cryptographically verifies the website’s (digital) certificate. The procedures and resources required to manage the certificate’s life cycle (i.e. create, distribute, use, store and revoke) is called the Public-Key Infrastructure (PKI).

While SSL’s cryptography has been tested over the years and proven to be rather solid, the protocol stands on the very shaky foundations of the PKI. PKI related problems were at the heart of many recent SSL security incidents. As a result, many different theoretic solutions for fixing PKI security issues were suggested, but no actual progress has been made. However, a new proposal called “Certificate Transparency” has gained momentum and gives hope that trust in PKI and SSL will be redeemed.

Understanding the Current PKI Issues

To verify the authenticity of a web server’s identity, a digital certificate is used. A web browser uses SSL to cryptographically verify the site’s (digital) certificate and makes sure it was properly issued by a known Certificate Authority (CA). PKI provides a scalable “chain of trust” structure, enabling the browser to know only a limited set of CAs (often referred to as “Root CAs”) in order to verify the authenticity of the of the server. The anchor of the chain of trust is the Root Certificate Authority’s (CA) digital certificate. The root CA can delegate the ability to trustfully sign certificates to the next links of the chain (intermediate CAs) by signing their certificates.

SSL Chain of Trust Depicted with Star Trek NG
Figure 1 – SSL Chain of Trust Depicted with Star Trek NG (Image Credit)

The main problem that PKI suffers from is the fact that any CA can create a certificate to ANY site unbeknownst to the original site! As a result, the strength of SSL becomes the strength of the weakest link in the PKI chain of trust, which is the most insecure CA. This fact has been abused by attackers numerous times to create fraudulent certificates in order to masquerade as legitimate sites. The most well-known incident is perhaps the DigiNotar attack. In the attack, attributed to the Iranian government, fraudulent certificates to top sites (Google, Facebook and others ) were issued and later used to eavesdrop to Iranian originated web traffic.

Certificate Transparency: Gossip Can Save PKI

This PKI weakness has not escaped the eyes of researchers and many solutions have been proposed (PDF), but none have gained much traction in the field. However, lately it seems that the Google-backed “Certificate Transparency” has gained much momentum and may have a real chance to amend the battered PKI.

The intuition behind Certificate Transparency is simple: Masquerading can only happen in an “urban” environment, where the city is big enough for the attacker to fool enough people without getting caught. In a small town environment, where everyone knows and gossips about everyone, the lie gets exposed quickly, thus making lying economically inefficient for the liar. As Lincoln’s famous quote suggests: “You can fool all the people some of the time, and some of the people all the time, but you cannot fool all the people all the time.”

Certificate Authority Adds the Logging of Certificates

Certificate Authority Adds the Logging of Certificates (Image Credit)

Technically, Certificate Transparency introduces central logging functionality into the SSL and PKI environment. Each CA can report (“gossip”) a newly issued certificate to the certificate log server(s) and receive a signed certificate timestamp (SCT), which is a proof that the certificate was submitted to the logger.

The logger provides the desired transparency and transforms the “urban” environment into a “small town” one, in which every new certificate is gossiped about. CAs can now monitor the logging server to make sure no one had fraudulently issued certificates on their behalf, web site owners can ensure nobody created additional rogue certificates to their sites, and browsers can trust only “well known”, already “gossiped” certificates.

While this solution does not technically prevent attacks like the DigiNotar attack, as CA attackers can still report the fraudulently issued certificate to the logging server, but it makes them very non worthwhile as the attack is discovered very quikcly by the different parties that monitor the central log(s).

Why Will Certificate Transparency Succeed?

The main reason is that Certificate Transparency architecture is appropriate to serve as an update to one of the Web’s most sensitive features. It is not an “all or nothing” solution. The changes to the existing protocol are minor and can be deployed gradually. Old versions of SSL will continue to work, while new versions that support Certificate Transparency will be able to enjoy its benefits.

Secondly, Certificate Transparency enjoys the backing of Google. Google had utilized its engineering power to deploy the needed certificate log servers and also updated its Chrome browser (version 33) to support it.

Certificate Transparency

Certificate Transparency in the Field (chrome 33)

When two of the triangles’ corners (log server and browser support) are already implemented by Google, it makes it very easy for the last corner of the triangle, the CAs, to join in. And indeed some major CAs have announced their support for Certificate Transparency.

It seems that once more sunlight is proven to be the best disinfectant, this time by using transparency via gossiping to heal PKI infections.

Insight: Is Your Enterprise Managing Certificates? Three Reasons It Should Be.

Insight: Aberdeen Research: Encryption, Without Tears

Industry ReportCost of Failed Trust Report

Written By

Click to comment

Expert Insights

Related Content

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...

Privacy

The EU's digital policy chief warned TikTok’s boss that the social media app must fall in line with tough new rules for online platforms...

Privacy

Meta was fined an additional $5.9 million for violating EU data protection regulations with WhatsApp messaging app.

Funding/M&A

Identity and access governance vendor Saviynt has closed a $205 million financing round.

Mobile & Wireless

As smartphone manufacturers are improving the ear speakers in their devices, it can become easier for malicious actors to leverage a particular side-channel for...

Cloud Security

AWS has announced that server-side encryption (SSE-S3) is now enabled by default for all Simple Storage Service (S3) buckets.

Privacy

Many in the United States see TikTok, the highly popular video-sharing app owned by Beijing-based ByteDance, as a threat to national security.The following is...

Cyberwarfare

The U.S. is tracking a suspected Chinese spy balloon spotted over U.S. airspace, officials said on Feb. 2, 2023.