Certificate reputation, a novel approach for protecting users from fraudulent certificates

At the IETF in London last week, we presented a proposal called Certificate Reputation for detecting fraudulent certificates, in order to protect you from attackers who have obtained a certificate for a site they do not control. This helps keep malicious sites from phishing your personal information, such as passwords, bank account numbers and credit card numbers. Recent attacks against public CAs (e.g. the DigiNotar and Comodo attacks) led us to develop mechanisms that protect you from such threats.

Background

When you visit your bank's site, IE relies on digital certificates (certificates for short) to ensure you are connected to the intended Web site. For a certificate to be considered valid, it must be issued by a trusted authority. This is similar to driver's licenses in the United States: a driver's license is only valid and accepted if it is issued by the Department of Licensing. In the Web world, a "Trusted Certification Authority" (trusted CA for short) issues certificates for Web sites. A certificate issued by a trusted CA is considered legitimate by a browser, just as a driver's license issued by the Department of Licensing is considered a valid form of identification. Browsers maintain a list of trusted CAs (the root store) that they use to verify certificates and establish the identities of sites.

Sometimes, certificates can be fraudulent or issued incorrectly

Trusted CAs are in the business of selling certificates. Normally, the owner of the site hosted at yourbank.com picks one of these trusted CAs, say ABC, and works exclusively with it to purchase a certificate. In this case, ABC should know the owner of yourbank.com and should not sell a certificate for yourbank.com to anyone else. However, recent issues with certificates from Comodo showed that these verifications can be error prone. Additionally, an attacker might obtain a certificate for yourbank.com by compromising a CA or one of its resellers. Unfortunately, a fraudulent certificate obtained in this manner from a trusted CA will be trusted by all browsers until it is revoked, and revocation can only start once someone notices that the certificate exists. While the bar for such an attack is very high, DigiNotar and Comodo were both victims of it.

A data driven solution for detecting fraudulent certificates

As you can imagine, this is a tricky problem to solve. It is as if a trusted authority like the Department of Licensing issued a driver's license in your name to an impersonator: since everyone trusts driver's licenses issued by the Department of Licensing, the fake license would be very hard to detect.

When we got to the drawing board to solve this problem, we set forth some principles and goals:

  • Keep you safe from fraudulent certificates on the Internet without interrupting your workflow or preventing access to legitimate sites
  • Not require a lot of changes to the ecosystem allowing easier adoption
  • Preserve the privacy of site owners

We landed on a solution called Certificate Reputation that uses telemetry to detect anomalies. As you browse the Web with IE11 (and have opted in to SmartScreen®), IE sends data to Microsoft about the certificates it encounters while validating server identities.

If a new certificate for a site is detected that was issued by a trusted CA other than the one the site has historically used, Certificate Reputation can flag it automatically. This positions us to contact the site owner, who can then either initiate revocation of that certificate or confirm that it is legitimate.

This Microsoft service harnesses the power of data mining and relies on heuristic algorithms. It requires no action from you and no changes from trusted CAs, which makes it easy to adopt and sustainable over a long period of time. In the near future, we hope to automate the notification process as well.
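To make the heuristic concrete, here is an added example that is not Microsoft's code and not the service described above: a toy detector run over constructed telemetry records. It assumes each record carries the host a client connected to, the issuer name from the leaf certificate, the leaf certificate's fingerprint and an anonymised client id (field names, the three-client threshold, the host names and the CA names are all assumptions). Per host it learns which issuers the client population has already seen; a certificate from an issuer never seen for that host, once the host's baseline rests on enough distinct clients, is flagged and parked until the site owner confirms or revokes it, which is the workflow the paragraph above describes.

```python
"""Toy Certificate Reputation detector over constructed telemetry (example only).

Flags a host's certificate when its issuer has never been reported for that host
and the host's baseline already rests on enough distinct reporting clients.
Field names, thresholds, hosts and CA names are assumptions for the example.
"""
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Observation:
    host: str         # server name the client validated the certificate for
    issuer: str       # issuer name from the leaf certificate
    fingerprint: str  # hash of the leaf certificate (shortened for the example)
    client: str       # anonymised reporting client


@dataclass
class Alert:
    host: str
    fingerprint: str
    new_issuer: str
    known_issuers: tuple
    sightings: int = 1  # how many clients have reported the suspect cert so far


class CertReputation:
    def __init__(self, min_clients=3):
        # A host's baseline only counts once this many distinct clients have
        # reported certificates for it; below that, any issuer is just learned.
        self.min_clients = min_clients
        # host -> issuer -> set of clients that reported a cert from that issuer
        self.sightings = defaultdict(lambda: defaultdict(set))
        self.pending = {}     # fingerprint -> Alert awaiting site-owner review
        self.revoked = set()  # fingerprints the site owner asked to revoke

    def known_issuers(self, host):
        return {issuer for issuer, clients in self.sightings[host].items() if clients}

    def baseline_established(self, host):
        reporters = set().union(*self.sightings[host].values())
        return len(reporters) >= self.min_clients

    def observe(self, obs):
        """Feed one telemetry record; return an Alert the first time a suspect
        certificate is seen, otherwise None."""
        if obs.fingerprint in self.revoked:
            return None  # known-bad: nothing to learn, nothing new to raise
        if obs.fingerprint in self.pending:
            # Still unconfirmed: count the report, but do not fold it into the baseline.
            self.pending[obs.fingerprint].sightings += 1
            return None
        known = self.known_issuers(obs.host)
        if obs.issuer not in known and self.baseline_established(obs.host):
            alert = Alert(obs.host, obs.fingerprint, obs.issuer, tuple(sorted(known)))
            self.pending[obs.fingerprint] = alert
            return alert
        # Same issuer as before (renewal or rotation) or no baseline yet: learn quietly.
        self.sightings[obs.host][obs.issuer].add(obs.client)
        return None

    def confirm_legitimate(self, fingerprint):
        """Site owner confirmed the flagged cert: its issuer joins the host's baseline."""
        alert = self.pending.pop(fingerprint)
        self.sightings[alert.host][alert.new_issuer].add("owner-confirmed:" + fingerprint)

    def revoke(self, fingerprint):
        """Site owner disowned the flagged cert: remember it so repeats stay quiet."""
        self.pending.pop(fingerprint)
        self.revoked.add(fingerprint)


# Constructed telemetry, in arrival order; hosts and CA names are made up.
TELEMETRY = [
    Observation("yourbank.example", "ABC CA", "aa11", "c1"),
    Observation("yourbank.example", "ABC CA", "aa11", "c2"),
    Observation("yourbank.example", "ABC CA", "aa11", "c3"),
    Observation("yourbank.example", "ABC CA", "aa12", "c4"),    # renewal from the usual CA: not flagged
    Observation("newshop.example", "XYZ CA", "bb01", "c1"),     # young host: two issuers, but the
    Observation("newshop.example", "QRS CA", "bb02", "c2"),     # baseline is too thin to judge
    Observation("yourbank.example", "Rogue CA", "ff99", "c5"),  # unfamiliar issuer after a solid baseline
    Observation("yourbank.example", "Rogue CA", "ff99", "c6"),  # second report of the same suspect cert
]


def run(telemetry, min_clients=3):
    rep = CertReputation(min_clients)
    alerts = [a for a in map(rep.observe, telemetry) if a is not None]
    return rep, alerts


if __name__ == "__main__":
    rep, alerts = run(TELEMETRY)
    for a in alerts:
        print(f"{a.host}: cert {a.fingerprint} from {a.new_issuer!r}, "
              f"previously only {a.known_issuers}, reported by {a.sightings} clients")
```

Two design points carry over to a real deployment. The baseline threshold is what keeps a brand-new or rarely visited site from generating noise, and it is also why a flagged certificate is held out of the baseline until the owner answers: folding it in immediately would let a fraudulent issuer "become normal" simply by being seen often. The real service runs over opted-in telemetry on the server side; only the per-host issuer history, not individual browsing, is needed for this check.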

In the future, the certificate telemetry collected by IE11 can also be used to monitor CAs' compliance with industry guidelines and the Microsoft Root CA technical requirements for SSL certificates. We can reach out to CAs when we detect weak certificates, raising the bar for attackers and keeping you safer on the Web. You can read about other ways in which we plan to use this data to improve Web security in this other blog.

Conclusion

With Microsoft's novel approach for detecting fraudulent certificates, you can feel safer when visiting your favorite bank, email or social networking sites. IE does this seamlessly by collecting data about certificates in use, detecting new certificates and reporting them to site owners, who can revoke them if they are invalid. This creates a fast and reliable path to revocation that requires no action from you or from trusted CAs and preserves the privacy of site owners. We received a positive response to this proposal from the attendees at the IETF, who appreciated Certificate Reputation's goals around privacy and easy adoption. As we continue to engage with the CAs and the IETF on this, we would love to hear your thoughts and feedback!

— Anoosh Saboori and Ritika Kapadia, Program Managers on Windows and Internet Explorer