NCCIC / US-CERT   
      
   National Cyber Awareness System:   
      
   TA15-120A: Securing End-to-End Communications   
   04/30/2015 08:49 PM EDT   
      
      
   Original release date: April 30, 2015   
      
   Systems Affected   
   Networked systems   
      
   Overview   
   Securing end-to-end communications plays an important role in protecting   
   privacy and preventing some forms of man-in-the-middle (MITM) attacks.   
   Recently, researchers described a MITM attack used to inject code, causing   
   unsecured web browsers around the world to become unwitting participants in a   
   distributed denial-of-service attack. That same code can be employed to   
   deliver an exploit for a particular vulnerability or to take other arbitrary   
   actions.   
      
   Description   
   A MITM attack occurs when a third party inserts itself between the   
   communications of a client and a server. MITM attacks as a general class are   
   not new. Classic MITM attacks (e.g., ARP Spoofing) focus on redirecting   
   network communications. By definition, network infrastructure under attacker   
   control is vulnerable to MITM. However, as technology evolves, new methods for   
   performing MITM attacks evolve as well.   
      
   Currently, there is no single technology or configuration to prevent all MITM   
   attacks. However, increasing the complexity with multiple layers of defense   
   may raise the cost for the attacker. Increasing the attacker’s cost in time,   
   effort, or money can be an effective deterrent to avoiding future network   
   compromise.   
      
   Generally, encryption and digital certificates provide an effective safeguard   
   against MITM attacks, assuring both the confidentiality and integrity of   
   communications. As a result, modern MITM attacks have focused on taking   
   advantage of weaknesses in the cryptographic infrastructure (e.g., certificate   
   authorities (CAs), web browser certificate stores) or the encryption   
   algorithms and protocols themselves.   
      
   Impact   
   MITM attacks are critical because of the wide range of potential impacts—these   
   include the exposure of sensitive information, modification of trusted data,   
   and injection of data.   
      
   Solution   
   Employing multiple network and browser protection methods forces an attacker   
   to develop different tactics, techniques, and procedures to circumvent the new   
   security configuration.   
      
   US-CERT recommends reviewing the following mitigations to reduce vulnerability   
   to MITM attacks:   
      
   Update Transport Layer Security and Secure Socket Layer (TLS/SSL)   
   US-CERT recommends upgrading TLS to 1.1 or higher and ensuring TLS 1.0 and SSL   
   1, 2, 3.x are disabled, unless required. TLS 1.0 clients can fall back to   
   version 3.0 of the SSL protocol, which is vulnerable to a padding oracle   
   attack when Cypher-Block Chaining mode is used. This method is commonly   
   referred to as the "POODLE" (Padding Oracle on Downgraded Legacy Encryption)   
   attack. Vulnerable TLS implementations can be updated by applying the patch   
   provided by the vendor. Vendor information is available in the National   
   Vulnerability Database (NVD) entry for CVE-2014-3566 [1] or in CERT   
   Vulnerability Note VU#577193 [2]. See US-CERT TA14-290A [3] for additional   
   information on this vulnerability.   
      
   Utilize Certificate Pinning   
   Certificate pinning [4] is a method of associating X.509 certificate and its   
   public key to a specific CA or root. Typically, certificates are validated by   
   checking a verifiable chain of trust back to a trusted root certificate.   
   Certificate pinning bypasses this validation process and allows the user to   
   trust “this certificate only” or “trust only certificates signed by this   
   certificate.” Please use the following resources to configure your browser for   
   certificate pinning:   
      
   Microsoft Certificate Trust   
      
   The Microsoft Enhanced Mitigation Experience Toolkit (EMET) 5.2 employs a   
   feature named "Certificate Trust" for SSL/TLS certificate pinning. This   
   feature is intended to detect and stop MITM attacks that leverage Public Key   
   Infrastructure. [5]   
      
   To use the Certificate Trust, you must provide a list of websites you want to   
   protect and certificate pinning rules applicable to those websites. In order   
   to do this, work with the Certificate Trust Configuration feature of the   
   graphical application or use the Configuration Wizard to automatically   
   configure EMET with the recommended settings. [6] Also, ensure period defaults   
   are updated through patching.   
      
   Browser Certificate Pinning   
      
   Google Chrome and Mozilla Firefox, among others, perform certificate pinning.   
   They conduct a variation of certificate pinning using the HTTP Strict   
   Transport Security (HSTS), which pre-loads a specific set of public key hashes   
   into the HSTS configuration, limiting valid certificates to only those with   
   the specified indicated public key. Chrome uses HTTPS pins for most Google   
   properties. It uses whitelisted public keys which include keys from Verisign,   
   Google Internet Authority, Equifax, and GeoTrust. Thus, Chrome will not accept   
   certificates for Google properties from other CAs.   
      
   Firefox 32 on desktop and later (Firefox 34 and later on Android) has the   
   ability to use certificate pinning. It also has the ability to enforce   
   built-in pinsets (mapping of public keys) information to domains. Firefox will   
   pin all sites that Chrome already does, pin their own sites after audit and   
   cleansing, and pin other popular sites that are already in good standing.   
   Please visit this site on How to Use Pinning [7] and for more information.   
      
   Implement DNS-based Authentication of Named Entities (DANE)   
   DANE is a protocol that allows certificates (X.509) commonly used for TLS.   
   DANE is bound to DNS which uses Domain Name System Security Extensions   
   (DNSSEC). A working group in the Internet Engineering Task Force of DANE   
   developed a new type of DNS record that allows a domain itself to sign   
   statements about which entities are authorized to represent it. [8]   
      
   Google Chrome does not use DANE but uses an add-on [9] for support. Mozilla   
   Firefox also uses an add-on [10] to check the existence and validity of DNSSEC.   
      
   Use Network Notary Servers   
   Network notary servers aim to improve the security of communications between   
   computers and websites by enabling browsers to verify website authenticity   
   without relying on CAs. CAs are often considered a security risk because they   
   can be compromised. [11] As a result, browsers can deem fraudulent sites   
   trustworthy and are left vulnerable to MITM attacks.   
      
   Each network notary server, or group of servers, is public and can be operated   
   by public/private organizations or individuals. These servers regularly   
   monitor websites and build a history of each site’s certificate data over   
   time. When a browser equipped with a network notary add-on communicates with a   
   website and obtains its certificate information, a user-designated network   
   notary server supplies the browser with historical certificate data for that   
   site. If certificate information provided by the website is inconsistent with   
   the notary’s historical data, a MITM attack could be at play. [12]   
      
   References   
   [1] https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3566   
   [2] http://www.kb.cert.org/vuls/id/577193   
   [3] https://www.us-cert.gov/ncas/alerts/TA14-290A   
   [4] https://www.owasp.org/index.php/Certificate_and_Public_Key_Pinning   
   [5] https://support.microsoft.com/en-us/kb/2458544   
   [6] https://technet.microsoft.com/en-us/library/cc700843.aspx   
   [7] https://wiki.mozilla.org/SecurityEngineering/Public_Key_Pinning   
   [8] http://www.internetsociety.org/articles/dane-taking-tls-auth   
   ntication-next-lev el-using-dnssec   
   [9] http://www.internetsociety.org/deploy360/resources/how-to-ad   
   -dnssec-support-to -google-chrome/   
   [10] https://www.dnssec-validator.cz/   
   [11] http://perspectives-project.org/   
   [12] http://arstechnica.com/information-technology/2008/08/netwo   
   k-notary-system-thw arts-man-in-the-middle-attacks/   
   Revision History   
   April 30, 2015: Initial Release   
      
   ----------------------------------------------------------------   
   -------------- -   
      
   This product is provided subject to this Notification and this Privacy & Use   
   policy.   
      
      
   ----------------------------------------------------------------   
   -------------- -   
   OTHER RESOURCES:   
   Contact Us | Security Publications | Alerts and Tips | Related Resources   
   STAY CONNECTED:   
   Sign up for email updates   
      
   SUBSCRIBER SERVICES:   
   Manage Preferences  |  Unsubscribe  |  Help   
      
      
   ----------------------------------------------------------------   
   -------------- -   
   This email was sent to Fido4cmech@lusfiber.net using GovDelivery, on behalf   
   of: United States Computer Emergency Readiness Team (US-CERT) · 245 Murray   
   Lane SW Bldg 410 · Washington, DC 20598 · (888) 282-0870 Powered by GovDelivery   
      
      
   --   
   Guardien Fide   :^)   
      
      Ben  aka cMech  Web: http://cmech.dynip.com   
                    Email: fido4cmech(at)lusfiber.net   
                 Home page: http://cmech.dynip.com/homepage/   
              WildCat! Board 24/7  +1-337-984-4794  any BAUD 8,N,1   
      
   --- GoldED+/W32-MSVC   
    * Origin: FIDONet - The Positronium Repository (1:393/68)