The security impact of HTTPS interception in the wild
HTTPS deployment is on an upward trajectory, and this growth is accompanied by the increasing HTTPS interception and SSL inspection by enterprise-grade firewalls, web filters, gateways, as well as client-side antivirus and security solutions.
These solutions have to be able to terminate TLS sessions so that they could analyze the inner HTTP plaintext traffic to spot threats and filter content. But, are the new TLS connections they initiate to encrypt the traffic again and forward it to the destination safe?
A group of researchers from several US universities, ICSI, Google, Mozilla and Cloudflare have decided to check.
They’ve found a technique for passively detecting HTTPS interception based on TLS handshake characteristics, and have created heuristics that allowed web servers to detect interception and identify the responsible product. Then, they deployed these heuristics at the Mozilla Firefox update servers, a set of popular e-commerce sites, and the Cloudflare content distribution network.
On those three points, they assessed nearly eight billion connection handshakes, and estimated that 5–10% of all connections are intercepted – an unexpectedly high number.
They graded the unmodified browser handshakes and the intercepted connections according to a scale based on the TLS features advertised by each client, and calculated the change in security for intercepted connections.
“While for some older clients, proxies increased connection security, these improvements were modest compared to the vulnerabilities introduced: 97% of Firefox, 32% of e-commerce, and 54% of Cloudflare connections that were intercepted became less secure,” they discovered.
“Alarmingly, not only did intercepted connections use weaker cryptographic algorithms, but 10–40% advertised support for known-broken ciphers that would allow an active man-in-the-middle attacker to later intercept, downgrade, and decrypt the connection. A large number of these severely broken connections were due to network-based middleboxes rather than client-side security software: 62% of middlebox connections were less secure and an astounding 58% had severe vulnerabilities enabling later interception.”
The researchers have offered some recommendations for both vendors and the security community to improve this current situation. These include security companies prioritizing the security of their TLS implementations, and antivirus vendors reconsidering the use of HTTPS interception.