
Certificate Authority Collapse

A.M. Arnbak LL.M.

Can HTTPS Web Browsing Be Secured

Through Regulation?

Hong Kong University, Law Tech Talk, 26 February 2013

Work in Progress

Paper v2.0 due in two weeks

2

Outline Presentation

• HTTPS

• DigiNotar

• Landmark breach

• Insightful, illegitimate mitigation

• HTTPS: Systemic vulnerabilities

• Sweeping EU Proposal: eSignatures Regulation

• Conclusions

3

HTTPS: The Padlock

4

HTTPS* uses SSL/TLS PKI protocol:

Handshake → Encryption

5

*also used by apps, FTP/SMTP/SIP

HTTPS ‘Handshake’ Data Flows

6

Prevents (?) Man-in-the-Middle Attack

7


DigiNotar

9

Dutch Government Got off to a Good Start:

‘Stop Using Teh Interwebz!’

• Minister Donner: “Don’t do it; use letters and bank cheques, just like me”

10

De Telegraaf, Frontpage, 5 Sept. 2011:

Piet Hein Donner

11

False certificates

• 26: *.google.com

• 22: *.skype.com

• 14: *.torproject.org

• 20: Comodo Root CA

• 45: Thawte Root CA

• 17: addons.mozilla.org

• 4: update.microsoft.com

• 25: www.cia.gov

12

• Forensic report:

Google: 300,000 IP addresses affected

“The list of domains and the fact that 99% of the users are in Iran ‘suggest’ that the objective of the hackers is to intercept private communications in Iran.” Numbers are, however, contentious.

13

... Actually very uncertain

• OCSP logging highly contentious

– Not supported by all browsers and clients

– Could have been faked by attackers

• This seems to be the case. From the new forensic report:

http://www.rijksoverheid.nl/bestanden/documenten-en-publicaties/rapporten/2012/08/13/black-tulip-update/black-tulip-update.pdf

14

Time Line & Policy Responses

• 06 June: Possibly first exploration by the attacker(s)

• 19 June: Incident detected by DigiNotar by daily audit procedure

• 10 July: The first successful rogue certificate (*.google.com)

• 04 August: Start of massive activity on the *.google.com certificate

• 27 August: First mention of *.google.com certificate in blog

• 29 August: DigiNotar’s *.google.com certificate is revoked

• 2-3 September: Dutch government takes over DigiNotar

• All September: Microsoft delays automatic security patches

• 20 September: DigiNotar bankrupt

• Until today: Reporting/analysis

• Until today: gradual transition, DigiNotar certificates still used!

15

Open Questions…

• Actual damage of the DigiNotar breach?

• Legal basis for government take-over?

• Why did the government not kill the DigiNotar servers?

• Revocation: wheeling and dealing with Microsoft?

16


HTTPS ‘Handshake’ Stakeholders

18

To name a few…

• Any CA can vouch for any domain name

– Any CA single point of failure

• Root CAs: default trust by browser

– Based upon paper audit, no forensic tests

• Subordinate CAs: market for subletting root status

– Premium brands versus cheap brands – security?

• Revocation: browser trade-off connectivity ↔ security

– CA scale is a risk vector: big CAs won’t be revoked

• Websites implement HTTPS poorly

– Only 19.2% up to date (SSL Pulse, 2013)
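The three structural weaknesses listed above (any trusted root can vouch for any domain, default trust by the browser, and revocation as a connectivity-versus-security trade-off) can be made concrete with a small model of the browser's trust decision. This is an added example, not code from the slides or from any browser: certificates and CA names are constructed, and the `pins` policy is an issuer-pinning check of the kind that first exposed the rogue *.google.com certificate, placed beside the default policy for comparison.

```python
from dataclasses import dataclass, field
from fnmatch import fnmatch

@dataclass
class Cert:
    subject: str      # DNS name pattern for a leaf, CA name for a CA
    issuer: str
    self_signed: bool = False

@dataclass
class Policy:
    trusted_roots: set                        # the browser's root store
    pins: dict = field(default_factory=dict)  # host pattern -> roots allowed to vouch
    hard_fail_revocation: bool = False        # reject when OCSP cannot be reached?

def name_matches(pattern, host):
    # Single-label wildcard: "*.google.com" covers "www.google.com", not "a.b.google.com"
    if pattern.startswith("*."):
        return host.count(".") == pattern.count(".") and fnmatch(host, pattern)
    return host == pattern

def validate(host, chain, policy, ocsp_status="good"):
    """Browser-style decision; chain is leaf first, root last. Returns (ok, reason)."""
    leaf, root = chain[0], chain[-1]
    if not name_matches(leaf.subject, host):
        return False, "name mismatch"
    if any(c.issuer != p.subject for c, p in zip(chain, chain[1:])):
        return False, "broken chain"
    if not root.self_signed or root.subject not in policy.trusted_roots:
        return False, "untrusted root"
    # Systemic weakness: at this point ANY root in the store can vouch for ANY host.
    # Pinning narrows that to the roots the site owner actually uses.
    for pattern, allowed in policy.pins.items():
        if fnmatch(host, pattern) and root.subject not in allowed:
            return False, "pin violation: %s may not vouch for %s" % (root.subject, host)
    if ocsp_status == "revoked":
        return False, "revoked"
    if ocsp_status == "unavailable" and policy.hard_fail_revocation:
        return False, "revocation unknown, hard fail"
    return True, "ok"           # soft fail: an unreachable OCSP responder is silently accepted

# Constructed sample data: a wildcard google.com leaf signed by a root that sits in
# the store but has no relation to Google (the DigiNotar pattern). Names are made up.
ROGUE_ROOT = Cert("Sample Rogue Root CA", "Sample Rogue Root CA", self_signed=True)
ROGUE_CHAIN = [Cert("*.google.com", ROGUE_ROOT.subject), ROGUE_ROOT]
DEFAULT = Policy(trusted_roots={"Sample Rogue Root CA", "Sample Expected Root CA"})
PINNED = Policy(trusted_roots=DEFAULT.trusted_roots,
                pins={"*.google.com": {"Sample Expected Root CA"}},
                hard_fail_revocation=True)
```

Calling `validate("www.google.com", ROGUE_CHAIN, DEFAULT)` accepts the rogue chain, and it is still accepted when `ocsp_status="unavailable"`; the same chain under `PINNED` is rejected as a pin violation, and even a correctly pinned chain is rejected under `PINNED` when OCSP is unreachable.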

19

Actor-based Value Chain Approach:

Every Actor Part of the Problem

20

HTTPS market: 100+ CAs, 54 jurisdictions, 50+ government-owned

21

HTTPS market: new empirical data [1]

22

HTTPS market: new empirical data [2]

23

Why not more often abused? Threat model:

States and Corporations, not cybercriminals

24

“Many attacks cannot be made profitable, even when many profitable targets exist.”

http://weis2011.econinfosec.org/papers/Where%20Do%20All%20the%20Attacks%20Go.pdf


EU Proposal: eSignatures Regulation

• June 2012: EU eSignatures Regulation

• Once adopted, direct binding force in 27 Member States

• All crucial issues discussed in § 4 paper

• Today, 3 issues in focus

– Underlying Values

– Scope

– Liability

26

In focus: underlying values

• Rationale EU Proposal

– “Facilitate digital economy”

– … that’s it???

• Other interests go unmentioned!

– Reliability, confidentiality, integrity of communications

– Constitutional values: communications freedom, privacy

• Real consequences

– Balancing exercises of executive power

– Formulation of delegated acts

27

In focus: scope

• EU proposal

– ‘Trust service providers’ established in EU

• Includes CAs issuing SSL certificates

• Other critical stakeholders unregulated

– Explanatory memorandum hints at requirements for websites

– But: ‘responsibility of the HTTPS market’

• Exceptionally poor argument: ‘not all EU organisations are securing their website’ (pp. 35 & 87, Impact Assessment)

• Real consequences

– Disproportionate burden on subset of HTTPS value chain

28

In focus: liability [1]

• EU proposal, art. 9(1):

– ‘liable for any direct damage (..) due to failure to comply with Article 15(1), unless (..) he has not acted negligently.’

» Art. 15(1): open security norm – ‘state of the art’

• Other stakeholders unmentioned

– Websites: cheap certificates / poor HTTPS implementation?

– Untimely patching by browsers, OS manufacturers?

– Software manufacturers?

29

In focus: liability [2]

• Real consequences

– Liability may be helpful to incentivise CAs

• Security practices

• Proper logging, as they bear burden of proof

– But art. 9(1):

• ‘Any direct damage’

– Single company liable for entire HTTPS system?

» DigiNotar liable for damages Google, Microsoft?

» Deadly blow to needed insurance market?

» Favourable to incumbents able to pay insurance fees

30

The US Approach?

Multi-Stakeholder Standardization Process

31

Sensible latest market developments

32


Conclusion [1]

Critical Reflection

• Regulation might help to influence incentives, but

– Disproportionate burden on CAs

• Anti-competitive

• May even destroy entire market

• Systemic vulnerabilities remain/reinforced

– HTTPS not error prone

– Next CA breach, again significant disruption

• Technical solution needed, regulation cannot force it

34

Conclusion [2]

Actor-based Value Chain Approach

• Appraise full set of underlying values

– Conceptualise ‘Security’

• Risk Assessment: Availability, Confidentiality, Integrity

• Balance economic, public & fundamental rights interests

• Employ Actor-Based ‘Value’ Chain analysis

– Identify Stakeholders and Interactions

– Identify Structural Vulnerabilities

– Consider (Regulatory) Intervention

• Do incentives lead to desired outcomes?

– Security economics

35

Contact Info

36

Institute for Information Law (IViR)

University of Amsterdam

http://www.ivir.nl/

A.M. Arnbak, LL.M. – a.m.arnbak@uva.nl, LinkedIn, twitter@axelarnbak

Paper: http://ssrn.com/abstract=2031409

Update expected March 2013, joint work with Prof. Nico van Eijk, IViR, and Prof. Michel van Eeten & Hadi Asghari, TU Delft