May 02, 2014

How many SSL MITMs are there? Here's a number: 0.2% !!!

Whenever we get into the SSL debate, there's always an aspect of glass-half-full or glass-half-empty. Is the SSL system doing the job, and we're safe? Or were we all safe anyway, and it wasn't needed? Or?

Here's a paper that suggests the third choice: that maybe SSL isn't doing the job at all, to a disturbingly high number: 0.2% of connections are MITMed.

Analyzing Forged SSL Certificates in the Wild Huang, Rice, Ellingsen, Jackson

Abstract—The SSL man-in-the-middle attack uses forged SSL certificates to intercept encrypted connections between clients and servers. However, due to a lack of reliable indicators, it is still unclear how commonplace these attacks occur in the wild. In this work, we have designed and implemented a method to detect the occurrence of SSL man-in-the-middle attack on a top global website, Facebook. Over 3 million real-world SSL connections to this website were analyzed. Our results indicate that 0.2% of the SSL connections analyzed were tampered with forged SSL certificates, most of them related to antivirus software and corporate-scale content filters. We have also identified some SSL connections intercepted by malware. Limitations of the method and possible defenses to such attacks are also discussed.

Now, that may mean only a few, statistically, but if we think about the dangers of MITMing, it's always been the case that MITMing would only be used under fairly narrow circumstances because it can in theory be spotted. Therefore this is a quite a high number, it means that it is basically quite easy to do.

After eliminating those known causes such as your anti-virus scanning, corporate inspection and so forth, this number drops down by an order of magnitude. But that still leaves some 500-1000 suspicious MITMs spotted in a sample of 3.5m.

H/t to Jason and Mikko's tweet.

Posted by iang at May 2, 2014 06:59 PM | TrackBack

This makes no distinction between MITM _attacks_ and the use of MITM _proxies_ as a matter of network policy. The latter requires root CA certificates to be installed in browsers deliberately, and is only possible because the corporation with the proxy policy also owns the IT department and the computers that the employees use. It's not a security flaw that the IT department can set its own security policy.

If the employee brings in their own laptop, or iphone, or whatever, then the corporate MITM proxy will not work as an "attack": it will pop up the typical SSL failure page, just as it is supposed to.

Posted by: Andrew Cady at May 12, 2014 07:24 PM
Post a comment

Remember personal info?

Hit preview to see your comment as it would be displayed.