Man in the middle attack against Extended Validation protected Web sites
2009-Jul-15 23:27 Filed in:All | Authentication
Two security researchers are presenting a man in the middle attack against Extended Validation (EV) protected websites through what they term “SSL Rebinding”.
The basic problem is that modern websites combines information from many sources simultaneously when providing services to users. The problem a browser faces is to decide when it is valid to show the Extended Validation protection level by the “green bar”, or similar UI distinction, when only part of the visible content is provided through an EV certificate protected TLS(SSL) session.
Some sites, such as PayPal provide part of the content through EV protected TLS while other parts are just protected using a Domain Validation (DV) certificate. Web browsers in general will however still show the whole session as EV protected.
The researchers claim to have found an attack that effectively exploits this property and will present their result at the upcoming Black Hat conference.
From http://www.eweek.com/c/a/Security/Security-Researchers-Exploit-Vulnerability-in-Handling-of-EV-SSL-Certificates/
“Two researchers will demonstrate a man-in-the-middle attack at the Black Hat security conference this month that allows them to silently sniff traffic on EV SSL protected Websites. The vulnerability in the way browsers treat EV SSL certificates makes them no more valuable than the cheapest SSL certificate, the researchers say.”
“Mike Zusman, principal consultant at Intrepidus Group, and independent security researcher Alex Sotirov plan to reveal the details of their findings at the Black Hat security conference coming up in Las Vegas later this month. In an interview with eWEEK, Zusman said that through a technique the duo calls "SSL rebinding," attackers can exploit the behavior of the browser to effectively render an extended validation SSL (EV SSL) certificate meaningless. “
“With SSL rebinding, the researchers silently switch the browser from talking to the EV SSL certificate to talking to a domain validated SSL certificate held by the attacker.”
“Zusman and Sotirov tested the attacks against recent versions of Internet Explorer and Firefox, but contend the flaw is not specific to any of the major browsers. Unfortunately, there isn’t much the browser vendors can do to solve the problem. The easiest fix would be to not trust DV SSL certificates, but that would cause many Websites to break. Also, it is unrealistic to expect everyone to upgrade to EV SSL certificates due to cost, Zusman said.”
“A more practical solution would be something along the lines of same origin policy, where the Web browser can have an internal flag that says, ‘OK, I’m talking to this Web server and it’s using an EV SSL certificate, [so] I should only talk over EV SSL . If I am presented with a domain validated certificate I should terminate that connection.’ I think that makes a lot of sense. If you’re a Website administrator you make a decision to use a high assurance EV SSL certificate, well why would you want to mix and match EV and DV SSL ?”
The basic problem is that modern websites combines information from many sources simultaneously when providing services to users. The problem a browser faces is to decide when it is valid to show the Extended Validation protection level by the “green bar”, or similar UI distinction, when only part of the visible content is provided through an EV certificate protected TLS(SSL) session.
Some sites, such as PayPal provide part of the content through EV protected TLS while other parts are just protected using a Domain Validation (DV) certificate. Web browsers in general will however still show the whole session as EV protected.
The researchers claim to have found an attack that effectively exploits this property and will present their result at the upcoming Black Hat conference.
From http://www.eweek.com/c/a/Security/Security-Researchers-Exploit-Vulnerability-in-Handling-of-EV-SSL-Certificates/
“Two researchers will demonstrate a man-in-the-middle attack at the Black Hat security conference this month that allows them to silently sniff traffic on EV SSL protected Websites. The vulnerability in the way browsers treat EV SSL certificates makes them no more valuable than the cheapest SSL certificate, the researchers say.”
“Mike Zusman, principal consultant at Intrepidus Group, and independent security researcher Alex Sotirov plan to reveal the details of their findings at the Black Hat security conference coming up in Las Vegas later this month. In an interview with eWEEK, Zusman said that through a technique the duo calls "SSL rebinding," attackers can exploit the behavior of the browser to effectively render an extended validation SSL (EV SSL) certificate meaningless. “
“With SSL rebinding, the researchers silently switch the browser from talking to the EV SSL certificate to talking to a domain validated SSL certificate held by the attacker.”
“Zusman and Sotirov tested the attacks against recent versions of Internet Explorer and Firefox, but contend the flaw is not specific to any of the major browsers. Unfortunately, there isn’t much the browser vendors can do to solve the problem. The easiest fix would be to not trust DV SSL certificates, but that would cause many Websites to break. Also, it is unrealistic to expect everyone to upgrade to EV SSL certificates due to cost, Zusman said.”
“A more practical solution would be something along the lines of same origin policy, where the Web browser can have an internal flag that says, ‘OK, I’m talking to this Web server and it’s using an EV SSL certificate, [so] I should only talk over EV SSL . If I am presented with a domain validated certificate I should terminate that connection.’ I think that makes a lot of sense. If you’re a Website administrator you make a decision to use a high assurance EV SSL certificate, well why would you want to mix and match EV and DV SSL ?”