100% Encrypted Web: New Challenges for TLS
Session ID: PDAC-W10 · #RSAC
Kirk Hall, Dir. Policy and Compliance, SSL, Entrust Datacard

Transcript of "100% Encrypted Web: New Challenges for TLS"

We are moving toward a 100% encrypted web – but can we get it right? We must leverage certificate identity data for greater user security.

We Will Discuss…

- Types of Server Certificates
- Past and Present Browser UI Security Indicators
- Positive Developments in Encryption
- Negative Developments in Encryption
- Using Identity in Certificates as a Proxy for User Safety
- How Do We Get to a Common Browser UI That Leverages Identity?
- Next Steps

Types of Server Certificates: Digital Certificate Refresher

Types of Server Certificates

Domain Validated (DV) – No identity information, just a confirmed domain.

Domain Validated (DV) – close-up of the certificate and sample browser treatment (Chrome): [screenshots]

Organization Validated (OV) – Basic identity confirmation through simple vetting; the customer contact is confirmed using reliable third-party data.

Organization Validated (OV) – close-up of the certificate and sample browser treatment (Chrome): [screenshots]

Extended Validation (EV) – Strong identity confirmation through extensive vetting using reliable third-party data and government registries.

Extended Validation (EV) – close-up of the certificate and sample browser treatment (Internet Explorer): [screenshots]

Past and Present Browser UI Security Indicators

- 1995-2001: Organization Validation (OV) only; two UI security states.
- 2001-2007: Domain Validated (DV) added as an alternative to OV; still only two security UI states – no differentiation between DV and OV.

- 2007-Present: Extended Validation (EV) added as an alternative to DV and OV; four security UI states, including a "problem" state; still no differentiation between DV and OV.

Positive Developments in Encryption

- Rapid move to encryption – the web is now over 50% encrypted.
- Browsers are mandating encryption in stages – otherwise sites receive negative browser UI – and "https://" is becoming the new normal.
- Encrypted sites receive higher SEO rankings.
- Automated certificate issuance and installation – Boulder, ACME, Certbot – make it easy for small users.
- Free DV certificate services – Let's Encrypt and others – encourage websites to try it out.
- The PCI Security Standards Council recommends the use of OV/EV certs as part of the Best Practices for Safe E-Commerce.

Source: https://www.pcisecuritystandards.org/pdfs/best_practices_securing_ecommerce.pdf

Encryption is increasing rapidly – now over 50%. [chart]

But what good is encryption if you don't know who you're talking to…?

Negative Developments in Encryption

Malware exploits are moving to encryption and are harder to block.

RISING USE OF ENCRYPTION GIVES MALWARE A PERFECT PLACE TO HIDE

"Nearly half of cyber-attacks this year have used malware hidden in encrypted traffic to evade detection.

In an ironic twist, A10 Networks has announced the results of an international study *** revealing that the risk to financial services, healthcare and other industries stems from growing reliance on encryption technology.

A growing number of organizations are turning to encryption to keep their network data safe. But SSL encryption not only hides data traffic from would-be hackers, but also from common security tools."

Source: http://www.infosecurity-magazine.com/news/rising-use-of-encryption-gives/

DV certificates are now the default choice for fraudsters – "look-alike" names, anonymity, free, the padlock, no UI warnings: [screenshot]

CERTIFICATE AUTHORITIES ISSUE SSL CERTIFICATES TO FRAUDSTERS

"In just one month, certificate authorities have issued hundreds of SSL certificates for deceptive domain names used in phishing attacks. SSL certificates lend an additional air of authenticity to phishing sites, causing the victims' browsers to display a padlock icon to indicate a secure connection. Despite industry requirements for increased vetting of high-risk requests, many fraudsters slip through the net, obtaining SSL certificates for domain names such as banskfamerica.com ***, ssl-paypai-inc.com ***, and paypwil.com ***."

Source: http://news.netcraft.com/archives/2015/10/12/certificate-authorities-issue-hundreds-of-deceptive-ssl-certificates-to-fraudsters.html

Many browsers no longer do effective revocation checking.

CONCLUDING DISCUSSION

"Overall, our results show that, in today's Web's PKI, there is extensive inaction with respect to certificate revocation. While many certificates are revoked (over 8% of fresh certificates and almost 1% of alive certificates), many web browsers either fail to check certificate revocation information or soft-fail by accepting a certificate if revocation information is unavailable."

Source: https://web.stanford.edu/~aschulm/docs/imc15-revocation.pdf

Some CAs no longer do certificate revocation for encrypted malware sites.

Let's Encrypt believes that "CAs make poor content watchdogs," and even though phishing and malware sites are bad, "we're not sure that certificate issuance (at least for Domain Validation) is the right level on which to be policing phishing and malware sites in 2015." So Let's Encrypt will not revoke for phishing or fraud. "Treating a DV certificate as a kind of 'seal of approval' for a site's content is problematic for several reasons," including that CAs are not well-positioned to operate anti-phishing and anti-malware operations and would do better to leave those actions to the browser website filters.

Source: https://letsencrypt.org/2015/10/29/phishing-and-malware.html

Users assume all encrypted sites with padlocks are "safe" sites:

"The biggest problem with [the display of DV certificates in the browser UI] is that it democratizes access to https for any website. Yes, on the surface, this should in fact be a positive thing that we're celebrating. Unfortunately human nature comes into play here. When most people (non-geeks/non-IT) see https, immediate and unwavering trust is implied.

"Even though [DV certificates are] merely providing encryption for your website, most people visiting it will give it the same level of trust as websites with the "green bar" https (Extended Domain Validation), which includes the company name next to the padlock in the address bar."

Fraudsters also sprinkle static "padlocks" all over the page to fool users.

Source: http://www.datamation.com/security/lets-encrypt-the-good-and-the-bad.html

What About Browser Website Filters?

Browser website filters expand, but are not a complete solution for user safety – thousands of bad sites are not included.

Microsoft SmartScreen problems:
- Only protects users in Windows.
- Users can't report phishing URLs directly – they must visit the bad site first, then click a report button.
- SmartScreen filters can be bypassed by fraudster email/click-throughs to the bad site.

Google Safe Browsing problems:
- Only works on Google search results/Google properties.
- Privacy issues – cookies, retains browsing records on the same device.
- Relies on proprietary Google algorithms, not transparent to users.

Both SmartScreen and Safe Browsing must be turned on to work. They are reactive systems – back to the '90s.

Like cops solving a crime after it happens – but not preventing the crime.

Many Bad Sites Missed by Browser Filters

Thousands of malware/phishing sites are not detected by SmartScreen or Safe Browsing. [URLs modified for safety]

Source: Comodo Valkyrie malware analysis system
More phishing links: http://cdn.download.comodo.com/intelligence/ctrl-06-02-url.txt
More malware file links: http://cdn.download.comodo.com/intelligence/ctrl-06-01-url.txt

Examples of undetected URLs:
usbbackup.com/cgi-biin/update.apple-id.com/4bebac1b93b057sjgurnm94a6b06c59b7/login.php
0760mly.com/js/wwwpaypalcom/IrelandPayPal/signing38CountryIE/ieLogIn.html
aggelopoulos.com/wp-content/uploads/2008/07/www.paypal.com/
beta.entab9387.net/wp-theme/image/img/DHL/tracking.php
https://gallery.mailchimp.com/2724801a312bda1123d554199/files/Electronic_Shipping_Document.zip
http://121.134.15.63/www.paypal.com/websc-login.php
http://alfssp.net/www.confirm.paypal.com/websc-login.php
http://aquaseryis.marag.pl/wp-includes/random_compat/apple.co.uk/

What more can be done?

So what more can we do to protect users in a 100% encrypted environment…?

Using Identity in Certificates as a Proxy for User Safety

Confirming Identity – How It's Done

Organization Vetting (OV):
- Find the customer in a reliable third-party database, such as Dun & Bradstreet or Hoover's.
- Call the customer representative through a number found on the third-party data source, and confirm the order is legitimate: +1-425-882-8080 for Microsoft.
- Confirm domain ownership or control (using CA/Browser Forum methods).

Extended Validation Vetting (EV) – All that and more:
- Confirm the active status of the corporation with a government agency.
- Check the authority of the customer rep with the company HR department.
- Check against blacklists, prohibited lists, etc.

What's the Problem With Current Browser UIs?

- No consistency among browser UIs as to the four states: unencrypted, DV, OV, and EV.
- Individual browsers frequently change their own UI; users can't keep up.
- Browsers keep adding an array of other warnings to the UI (minor problems, major problems) that the average user doesn't understand.
- Most mobile devices don't even show any symbol for encryption.
- As a result, users are confused about how to read browser UIs.

TAKE A LOOK…

What Does This Mean? Universal – "STOP!" [stop sign image]

What if "Stop" Signs Were Always Changing?

That's what browser UI security indicators have done – user confusion!

What Does Any of This Mean? What a Mess! [browser UI comparison image]

Source: Rethinking Connection Security Indicators, https://www.usenix.org/system/files/conference/soups2016/soups2016-paper-porter-felt.pdf

More Examples of Confusing Browser UIs [image]

Source: CA Security Council (CASC)

Plus, What Do All These Warnings Mean? [image]

Source: CA Security Council (CASC)

Help Is On The Way!… Or is it?

The June 2016 Google UI paper proposed standardizing around only three security states – but basically a binary, two-state "secure/not secure" UI. Plus, the EV UI may be disappearing:

Google Binary UI Proposal

Good: [screenshot]  Bad: [screenshot]

No more EV? DV, OV, EV all the same?

Here's What This Can Mean

Phishing site: paypal.com.summary-spport.com. Here's how it looks as an http site today – just a gray circle-i: [screenshot]

Soon, Chrome will treat http sites as "Not Secure": [screenshot]

Phishers Will Move to DV Certs for the "Secure" UI

Phishing site: paypal.com.summary-spport.com gets an anonymous, free DV cert: [screenshot]

Chrome gives the "Secure" https browser UI to the phishing site: [screenshot]

Is This the Future?

If the EV green bar display is lost in Chrome, and the real and phishing PayPal login pages look the same ("Secure") – users can't tell the difference! [screenshots]

2016 Study – https alone is no longer effective for anti-phishing; EV indicators can be improved

"In the past, HTTPS was viewed as a sign of website trustworthiness; getting a valid HTTPS certificate was too difficult for typical phishing websites. *** Subsequently, HTTPS has ceased to be a useful signal for identifying phishing websites because it is no longer unusual to find malicious websites that support HTTPS. ***

"EV is an anti-phishing defense, although its use is limited by lack of support from popular websites and some major mobile browsers. All major desktop browsers display EV information, but some mobile browsers (including Chrome and Opera for Android) do not display EV information. Older literature suggests that EV indicators may need improvement. *** Improving EV indicators are out of scope for our current work."

Source: Rethinking Connection Security Indicators, https://www.usenix.org/system/files/conference/soups2016/soups2016-paper-porter-felt.pdf

Chain of Logic

- Browsers are pushing website owners to 100% encryption (good).
- Fraudsters are rushing to free DV certs to hide (bad).
- DV certs are free and allow anonymity: no identity, no recourse.
- OV and EV certs include identity and allow recourse – almost no fraud or phishing has been recorded for OV, none for EV.
- But users can't tell the difference between DV and OV certs – both receive the same UI in the browsers; EV may be downgraded to the same level as DV and OV by Chrome in a future release.

Conclusion: We are wasting valuable identity information already inside OV and EV certs – we should use it as a proxy for user safety.

Let's Use the Data We Already Have

There is so much identity data in certificates today – but most of it's hidden. Why aren't we using identity data to block phishing and malware sites?

2016 Data (Source: Frost and Sullivan)

Type   Number (000s)   Percent   Combined
DV     7,503           75%
OV     2,353           24%       25% (OV + EV)
EV     243             1%
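The argument on the last few slides is that OV and EV certificates already carry vetted identity (the Subject's Organization and Country fields plus a policy OID), while a DV certificate carries only a domain name, and that a browser could read that difference straight out of the certificate. The Go program below is an added example, not code from the talk, from Entrust Datacard or from any browser: it builds three self-signed sample certificates shaped like DV, OV and EV leaf certificates, then classifies each one from its Subject and certificatePolicies extension and produces the identity string a "Universal" UI could show. The CA/Browser Forum policy OIDs it checks (2.23.140.1.2.1 for DV, 2.23.140.1.2.2 for OV, 2.23.140.1.1 for EV) are standard Baseline Requirements / EV Guidelines values assumed here, not something the slides state; the hostname, organization and country are constructed, and the ValidationLevel, Classify, IdentityLabel and NewSampleCert names are the example's own.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/asn1"
	"fmt"
	"math/big"
	"time"
)

// ValidationLevel is the identity level a browser can derive from a leaf certificate.
type ValidationLevel string

const LevelDV, LevelOV, LevelEV ValidationLevel = "DV", "OV", "EV"

// certificatePolicies extension OID and the CA/Browser Forum policy OIDs. The CA/B Forum
// values are standard Baseline Requirements / EV Guidelines OIDs, assumed here, not taken from the slides.
var (
	oidCertPolicies = asn1.ObjectIdentifier{2, 5, 29, 32}
	oidCABFDV       = asn1.ObjectIdentifier{2, 23, 140, 1, 2, 1}
	oidCABFOV       = asn1.ObjectIdentifier{2, 23, 140, 1, 2, 2}
	oidCABFEV       = asn1.ObjectIdentifier{2, 23, 140, 1, 1}
	policyFor       = map[ValidationLevel]asn1.ObjectIdentifier{LevelDV: oidCABFDV, LevelOV: oidCABFOV, LevelEV: oidCABFEV}
)

// Classify maps a leaf certificate to DV, OV or EV. A Subject with no Organization is
// always DV (there is nothing vetted to show the user); otherwise the CA/B Forum policy
// OID decides, and an older certificate carrying no such OID is taken as OV on the
// strength of its Subject fields.
func Classify(cert *x509.Certificate) ValidationLevel {
	if len(cert.Subject.Organization) == 0 || cert.Subject.Organization[0] == "" {
		return LevelDV
	}
	for _, oid := range cert.PolicyIdentifiers {
		for level, want := range policyFor {
			if oid.Equal(want) {
				return level
			}
		}
	}
	return LevelOV
}

// IdentityLabel is the text a "Universal" UI could show beside the indicator:
// the vetted organization (and country) for OV/EV, nothing at all for DV.
func IdentityLabel(cert *x509.Certificate) string {
	if Classify(cert) == LevelDV {
		return ""
	}
	if len(cert.Subject.Country) == 0 {
		return cert.Subject.Organization[0]
	}
	return cert.Subject.Organization[0] + " (" + cert.Subject.Country[0] + ")"
}

// NewSampleCert builds a self-signed leaf shaped like one a CA would issue at the given
// level (Subject fields plus the matching policy OID). Constructed test data only:
// host, org and country are made up, and the certificate is signed by its own key.
func NewSampleCert(host, org, country string, level ValidationLevel) (*x509.Certificate, error) {
	pub, key, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	subject := pkix.Name{CommonName: host}
	if level != LevelDV { // OV and EV carry the vetted identity in the Subject
		subject.Organization, subject.Country = []string{org}, []string{country}
	}
	// certificatePolicies ::= SEQUENCE OF PolicyInformation { policyIdentifier OID, ... }
	polDER, err := asn1.Marshal([]struct{ Policy asn1.ObjectIdentifier }{{policyFor[level]}})
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:    big.NewInt(1),
		Subject:         subject,
		DNSNames:        []string{host},
		NotBefore:       time.Now().Add(-time.Hour),
		NotAfter:        time.Now().Add(24 * time.Hour),
		ExtraExtensions: []pkix.Extension{{Id: oidCertPolicies, Value: polDER}},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

func main() {
	for _, lvl := range []ValidationLevel{LevelDV, LevelOV, LevelEV} {
		cert, err := NewSampleCert("www.example.test", "Example Corp", "US", lvl)
		if err != nil {
			panic(err)
		}
		fmt.Printf("%s-shaped cert -> %s, identity=%q\n", lvl, Classify(cert), IdentityLabel(cert))
	}
}
```

Run it with `go run` to see the DV-shaped certificate come back with an empty identity and the OV/EV-shaped ones with "Example Corp (US)". Against real certificates you would call Classify on the leaf only after chain validation, since the Subject fields are only as trustworthy as the CA that vetted them; that is the same point the OV/EV vetting slides make. The classifier deliberately refuses to treat a certificate as OV or EV when the Organization field is empty, whatever policy OID it carries, because a UI with nothing to display would otherwise be showing an identity indicator for no identity.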

How Do We Get to a Common Browser UI That Leverages Identity?

Five Principles of TLS Certificate Identity

First, adopt the Five Principles of TLS Certificate Identity:

1. Identity in TLS server certs should be used by browsers as a proxy for greater user safety.

2. CAs should vet their customers to the highest identity level possible.

3. OV certs should receive their own browser UI, different from DV certs, to show user safety.

4. EV certs should continue to receive a separate browser UI from OV and DV certs to show greater user safety.

5. Browsers should agree on common UI security indicators, avoid changes to the UI, and work with others to educate users about the meaning of the common UI security indicators for greater user safety.

Here's Who Has Endorsed the Five Principles

Current endorsers of the Five Principles of TLS Certificate Identity and adoption of a new "Universal" browser UI: [logos]

More CA endorsers to come…

Do website owners care about identity? You bet they do! (No one asked them before…)

PUBLIC ENDORSEMENT OF WEBSITE IDENTITY PRINCIPLES

We, the undersigned organizations, strongly support the display of website identity for user security, and we specifically endorse the following website identity principles:

1. Website identity is important for user security.

2. TLS certificate types that are used to secure websites – Extended Validation (EV), Organization Validated (OV), and Domain Validated (DV) certificates – should each receive a distinct, clearly-defined browser UI security indicator showing users when a website's identity has been independently confirmed.

3. Browsers should adopt a common set of browser UI security indicators for each certificate type, and should educate users on what the differences are to promote user security.

The following enterprises endorse these Website Identity Principles: [logos]

Website owners who support the Website Identity Principles [logos]

Source: Comodo and Entrust Datacard

Plus many more enterprise endorsers! Sign up to support the Website Identity Principles at the CASC site: casecurity.org/identity

Adopt a "Universal" UI for All Browsers

Here is a proposal that would work for desktop and mobile environments. This is just a starting point for discussion… [mock-up]

Design by: Chris Bailey

Obstacles and Responses to the "Universal" UI

"Users don't understand the difference among DV, OV, and EV." Response: That's because browsers keep changing UIs, and there's no user education = user confusion.

"OV vetting isn't rigorous enough for its own UI." Response: CAs standardized OV vetting in 2012, and can strengthen it further.

"Web browsers will decide safety for our users – maybe just a binary UI." Response: That is the Google approach – but it totally wastes the identity information available in certs.

"It's too hard to transition from the current DV/OV single UI to a new OV UI." Response: Announce it a year ahead – customers will migrate to OV to get the better UI.

User Education Will Be Based on Cert Guidelines

To help develop user education, start by defining when to use each type of certificate: [table]

How Do We Educate Users on the New UI?

Here's the simple message for users:
- "Look for the warnings" and insist on encryption as a minimum requirement (i.e., follow the browser warnings to avoid http and broken https).
- "Look for the padlock in the address bar" (OV or EV) before providing any personal information (password, credit card number) to a website.
- "Look for the green bar" (EV) for high-security transactions, such as banking or healthcare matters.

We successfully trained users to look for a padlock ten years ago – we can train them again with new, common UI security indicators.

Next Steps

Next Steps for User Security

- Browsers should collaborate and adopt a common "Universal" UI.
- Browsers should announce a transition date to the new Universal UI:
  - The padlock will disappear for DV, which will become the new "normal" state.
  - OV certs will receive a new, distinct UI symbol.
  - EV certs will continue with an enhanced EV UI symbol.
- Start an education program to prepare users and website owners.
- CAs should work on strengthening OV vetting and on improved common standards.
- Collect and respond to data on the use of certs by fraudsters (DV, OV, EV).

RESULT: a safer Internet for users within 1-2 years; fraud prevention.

Summary

- Fraudsters are moving to DV certificates.
- Fraudsters hate identity – they avoid OV and EV certificates.
- Therefore, OV and EV certs (25% of sites) represent much safer sites for users – they prevent crime.
- On this basis, OV and EV certs deserve their own distinct browser UIs for user safety.
- DON'T eliminate the EV UI; DON'T create a binary UI of "secure" vs. "not secure" – that hides identity.
- Browsers should work together to create a common Universal UI.
- All should work together to educate users on the new Universal UI.

Thank you! Questions?

Download the white paper "Use of Identity in SSL-TLS Certs for User Safety" and sign the petition at: casecurity.org/identity

The First Draft of a "Universal" UI [mock-up]

Design by: Chris Bailey