Certificate reputation, a novel approach for protecting users from fraudulent certificates


At the IETF in London last week, we presented a proposal called Certificate Reputation for detecting fraudulent certificates, in order to protect you from attackers that could have stolen a site’s identity. This prevents malicious sites from phishing your personal information like passwords, bank account numbers, credit card numbers etc. Recent attacks against public and Microsoft CAs (e.g. the DigiNotar and Comodo attacks) led us to develop mechanisms that protect you from such threats.

Background

When you visit your bank site, IE relies on digital certificates (certificate for short) to ensure you are connected to the intended Web site. In order for the certificate to be considered valid, it needs to be issued by a trusted authority. This is similar to driver’s licenses in the United States. The driver’s license is only valid and accepted if it is issued by the Department of Licensing. In the Web world, a “Trusted Certification Authority” (trusted CA for short) issues certificates for Web sites. A certificate issued by a trusted CA is considered legitimate by a browser just like a driver’s license issued by the Department of Licensing is considered a valid form of identification. Browsers maintain a list of trusted CAs that help them verify certificates and establish the identities of sites.

Sometimes, certificates can be fraudulent or issued incorrectly

Trusted CAs are in the business of selling certificates. Normally, the owner of the site hosted on yourbank.com picks one of these trusted CAs, say ABC and works exclusively with them to purchase their certificate. In this case, ABC should know the owner of the site hosted on yourbank.com and should not sell the certificate for yourbank.com to anyone else. However, recent issues with certificates from Comodo proved that these verifications can be error prone. Additionally, the attacker might be able to get the certificate for yourbank.com by either hacking a CA or one of its retailers. Unfortunately, a fraudulent certificate obtained in this manner from a trusted CA will be trusted on all browsers. While there is a very high bar for such an attack, DigiNotar and Comodo were victims of this.

A data driven solution for detecting fraudulent certificates

As you can imagine, this is a tricky problem to solve. This is similar to a “trusted authority” like the Department of Licensing issuing a driver’s license in your name to an impersonator. Since everyone trusts the drivers’ licenses issued by the Department of Licensing, a fake driver’s license would be very hard to detect.

When we got to the drawing board to solve this problem, we set forth some principles and goals:

  • Keep you safe from fraudulent certificates on the Internet without interrupting your workflow or preventing access to legitimate sites
  • Not require a lot of changes to the ecosystem allowing easier adoption
  • Preserve the privacy of site owners

We landed on a solution called Certificate Reputation that utilizes telemetry to detect abnormalities. As you are browsing the Web with IE11 (and have opted in to SmartScreen®), IE sends data to Microsoft about certificates that it encounters while validating server identities.

If a new certificate issued by a different trusted CA (other than the one the site uses typically) is detected for a site, Certificate Reputation can flag it automatically. This positions us to contact the site owner allowing them to initiate a revocation of that certificate or confirm that it is legitimate.

This Microsoft service harnesses the power of data mining and relies on heuristic algorithms. It doesn’t require any action from you and changes from trusted CAs making it easily adoptable and sustainable over a long period of time. In the near future, we hope to automate the notification process as well.

In the future, the certificate telemetry collected by IE11 can be used to monitor CAs’ compliance with industry guidelines and Microsoft Root CA technical requirements for SSL certificates. We can reach out to the CAs when we detect weak certificates, raising the bar for attackers and keeping you safer on the Web. You can read about other ways in which we plan to use this valuable data to improve Web security in this other blog.

Conclusion

With Microsoft’s novel approach for detecting fraudulent certificates, you can feel safer when visiting your favorite bank, email or social networking sites.  IE will do this seamlessly by collecting data about certificates in use, detecting new certificates and reporting them to site owners who can revoke them if invalid. This creates a fast and reliable process for revocation which does not require any action from you or trusted CAs and preserves the privacy of site owners. We received a positive response to this proposal from the attendees at IETF as they appreciated Certificate Reputation’s goals around privacy and easy adoption. As we continue to engage with the CAs and IETF on this, we would love to hear your thoughts and feedback!

— Anoosh Saboori and Ritika Kapadia, Program Managers on Windows and Internet Explorer

Comments (19)

  1. Does your system collect the full certificate if it's unexpected, or only metadata about it? How do you handle cases where the user encounters an *expected* interception certificate (e.g. because they're debugging with Fiddler or are behind a corporate threat management proxy like BlueCoat, ISA TMG, etc)?

    The mechanism described doesn't actually protect the *current* user, does it? Since it's telemetry only, it only informs Microsoft that an interception is going on somewhere in the world, but it doesn't notify that victim does it? It also doesn't help in cases where the attacker can block network access to the SmartScreen service, does it?

    It seems like supporting one of the various certificate pinning proposals would be helpful to enable protection of the active user rather than some future site visitors?

    Is there any privacy impact? I assume you're not collecting certificates from sites in the Intranet zone?

  2. Brenno says:

    What if these data transmissions to Microsoft are blocked?

  3. Norton says:

    Several major SaaS apps host sites with multiple subdomains to shard content and customers.  e.g. cust1.example.com, cust2.example.com, custMajor.example.com and as such have a certificate for *.example.com

    Historically IE has been extremely suspicious of such wildcard certificates and displays warnings to the user.  I certainly hope these "false" warnings won't be sent to Microsoft to potentially further damage the site's certificate reputation.

  4. jen says:

    No.

    I do not want you to deny users accessing to my sites.

    I do not want you to know who is accessing my sites – I don't even want you to know my sites even exist.

    I do not event want you knowing what sites I access.

    If you do not trust your CAs, that you have to rely on reputation services (that are rife of false positives/negatives), then you have an even more serious problem.

  5. __hAl__ says:

    When is IE11 coming to Windows Phones ?

  6. Nick says:

    It sounds like the goal isn't to automatically trust or untrust any given certificate but to add a layer of notification when things change so that the site owner can confirm that they did, indeed, intend to change things. Is this the case? Or is this something else and I've misread this post?

  7. @__hAl__ says:

    Right around //Build 2014, 2-4 April.

  8. @ Norton says:

    IE has never made a distinction between wildcard and single FQDN certificates. It doesn't matter as long as the certificate is valid and the wildcarded hostname matches. There is no extra "warning" or whatever you may mean by "suspicious". Note, that sub1.sub2.example.com does not match *.example.com.

  9. KS says:

    Talking of "Trusted CAs". Just yesterday I read an interesting article on Heise about the fact that over half of the CAs that Windows/IE trusts from the beginning do not ever have issued a publically available certificate. In other words: you could just remove those CAs from the store and not a single user would see a difference. This would drastically reduce the possible attacke surface. The article is here: http://www.heise.de/…/Ein-Drittel-aller-Zertifikats-Herausgeber-nur-Security-Ballast-2139451.html und the paper it is based on is located here: www2.dcsec.uni-hannover.de/…/fc14_unused_cas.pdf . The paper is in English, the article in German (there used to be English translations of heisec, but I can't find it now).

  10. @EricLaw:

    Thank you for your feedback. I try answering your questions in order:

    • We collect the full certificate chain, with some random sample rate.

    • In our post analysis, we only include (reported) certificates that chain up to a root that is a member of Microsoft root program. This excludes all certificates in Fiddler or enterprise proxy scenarios (that either chain up to a self-issued root or an enterprise root).  However, Root CA Program members are not allowed to issue certificates for SSL interception and Microsoft takes any such certificates very seriously

    • We are looking into ways to allow delay reporting when SmartScreen service is blocked. Note that in our threat model, we assume that user is not under attack indefinitely and will be able to send report at some point.

    • Certificate pinning is dependent on site admins timely reports of legit changes in their certificate chain, otherwise it creates false negatives. Also, it requires an infrastructure for site admins to be able report their certificate chain (in this case, authenticating and authorizing the site owner becomes a challenging problem). This affects pinning applicability for internet solutions. You are right that few first users will not be protected under certificate reputation. However, once we get telemetry that helps us identity fraudulent certificates, Windows blacklist revocation mechanism allows for revoking these certificates within 16 hours, and so other users will be protected. We believe certificate reputation allows for a more scalable approach to the pinning problem. That being said, we are carefully studying all related proposals to improve security of our users with minimal impact on their experience.

    • The privacy impact for this is covered under SmartScreen EULA.

  11. @Brenno: We are looking into ways to allow delay reporting when SmartScreen service is blocked. Note that in our threat model, we assume that user is not under attack indefinitely and will be able to send report at some point.

  12. @Norton: Please note that the only thing that is sent to Microsoft is the certificate chain and not the warning.

  13. @jen: We agree with your first rule. That is why in our design, we don’t make any decision on behalf of user to block his access. We merely send telemetry to allow site owner decide.

    For your second rule, “I don't even want you to know my sites even exist.”, well, if your site is public, then it is public.

    We also agree with your third rule. We highly anonymize the telemetry  data and remove PII before sending data to our analysis engines. Also, please note that using SmartScreen filter is a volunteer act that you can opt out.

    For the last line, we do trust CAs. These techniques are simply defense in depth.

  14. @Nick: You are right Nick.

  15. Diabetes as a metabolic disease says:

    Diabetes as a metabolic disease , use of drugs should comply with a doctor's prescription

    Diabetes as a systemic metabolic disease, use of prescription drugs should be strictly complied with , expert advice , so as not to aggravate or delay treatment.<a href="http://www.medchemexpress.com/Gatifloxacin-hydrochloride.html">Gatifloxacin hydrochloride</a> Due to the current situation of domestic abuse of antibiotics still exists , seriously affecting the health of consumers , and for patients with diabetes , the use of antibiotics may also face the risk of blood disorders , leading to the occurrence of various complications.

  16. @MSFT staff says:

    The last 3 posts here are link spam – please clean them up.

  17. Aaron Zauner (azet) says:

    I was asked by Anton Moleda to point to the following conversation from Twitter: twitter.com/…/575418715178729472

    It seems you guys have been building something that exists as a proposal for a couple of years now, is not limited to a single Microsoft Product and has an very active IETF Working Group for standardization. From previous comments and the Blog posts it seems you've reinvented CT unless I've missed something.

    Thanks for your time,

    Aaron

    (I'd apprechiate a reply via E-Mail as well: azet@azet.org)

  18. Aaron Zauner (azet) says:

    I've searched for the SmartScreen EULA for some time now, but am unable to locate it. Would you be able to provide a reference?

    Thanks,

    Aaron

Skip to main content