{"id":11859,"date":"2018-08-29T19:58:07","date_gmt":"2018-08-29T15:58:07","guid":{"rendered":"https:\/\/me-en.kaspersky.com\/blog\/?p=11859"},"modified":"2019-11-15T15:22:52","modified_gmt":"2019-11-15T11:22:52","slug":"residual-certificates-mitm-dos","status":"publish","type":"post","link":"https:\/\/me-en.kaspersky.com\/blog\/residual-certificates-mitm-dos\/11859\/","title":{"rendered":"MitM and DoS attacks on domains through the use of residual certificates"},"content":{"rendered":"

HTTPS certificates are one of the pillars of Internet security. But it is not all roses with them. We have already discussed the ways the existing system often fails to guarantee security to users<\/a>. Now let us focus on what can go wrong for the website owners.<\/p>\n

Two valid certificates for the same domain<\/h3>\n

Domain registration and HTTPS certification are often controlled by different organizations, so the validity periods for domains and certificates will not necessarily be the same. That leads to situations in which the former and the current owners hold valid<\/em><\/em> certificates for the same domain at the same time.<\/p>\n

What can go wrong in a situation like that, and how widespread is the problem in real life? At DEF CON 26<\/a>, researchers Ian Foster and Dylan Ayrey presented their study of the problem<\/a>. According to them, there are even more complications than seen at first glance \u2014 and it\u2019s a surprisingly widespread problem.<\/p>\n

The most obvious problem is just what you might expect to happen if someone else holds a valid certificate for your domain: a \u201cMan-in-the-Middle<\/a>\u201d attack on the users of your website.<\/p>\n

Foster and Ayrey used the Certificate Transparency<\/a> project\u2019s certificates database to identify 1.5 million certificate cross-ownership problems \u2014 which amounts to almost 0.5% of all Internet sites. In one quarter of these cases, the older certificate is still valid, which leaves 375 thousand domains vulnerable to the Man-in-the-Middle.\"\"<\/a><\/p>\n

But that\u2019s not all. It is quite common to make one certificate for multiple domains \u2014 easily dozens or even hundreds of them. For example, Foster and Ayrey were able to detect a certificate covering 700 domains at the same time, and as the researchers say, this list includes several very popular domains.<\/p>\n

Not surprisingly, some of those 700 domains are currently up for grabs; therefore, anyone can get one of them registered and get an HTTPS certificate for it. Now the question is, does the new domain owner have the right to revoke the previous certificate to protect his website from a Man-in-the-Middle attack?<\/p>\n

Can the certificate be revoked?<\/h3>\n

Certificates can, in fact, be revoked. The certification centers\u2019 operating procedure<\/a> provides for certificate revocation if \u201cany of the information appearing in the Certificate is inaccurate or misleading.\u201d Such revocation has to take place within 24 hours of receipt of the notification.<\/p>\n

Foster and Ayrey took a look at how that works in real life, and they found that the procedure varies greatly for different certification centers. Thus, Let\u2019s Encrypt employs automated tools that help revoke a certificate very quickly \u2014 almost in real time. At other certification centers, you will have to communicate with actual people, so it won\u2019t be so fast. Sometimes, getting a certificate revoked takes perseverance and much more than the specified 24 hours of waiting time. In the worst cases, you may even fail to have a certificate revoked. For example, the researchers\u2019 correspondence with Comodo ended with a suggestion to \u201cforget about this SSL and order a new SSL.\u201d\"\"<\/a><\/p>\n

One way or another, you will have a residual certificate revoked more likely than not. The news is both good and bad. On the one hand, the new domain owner will in most cases be able to protect himself from a Man-in-the-Middle attack that uses the residual certificate vulnerability. On the other hand, it means someone else may purchase a free domain from among those covered by a \u201cshared\u201d certificate and have it revoked, thereby strongly handicapping the use of the associated websites.<\/p>\n

How widespread is this problem? Even more so than the previous one: 7 million domains \u2014 more than 2% of the Internet! \u2014 share their certificates with domains whose registrations have already expired. 41% of the previous certificates are still valid. Therefore, several million domains are currently exposed to DoS attacks<\/a> that use the certificate revocation vulnerability.\"\"<\/a><\/p>\n

Let us get back to the abovementioned 700-domains certificate. To demonstrate how immediate the problem is, the researchers purchased one of the free domains covered by this certificate. So now, in theory, they have an opportunity to launch a DoS attack on hundreds of active websites.<\/p>\n

How to get protected<\/h3>\n

A total of 375,000 domains are vulnerable to MitM attacks and several million more to DoS attacks through the use of residual certificates. Your domains, too, may be on the list. With the report having been presented at the biggest hacking conference, you may rest assured \u2014 someone is already looking for vulnerable domains, even as you are reading this article. But how can website owners protect themselves? Foster and Ayrey suggest these steps:<\/p>\n