In my previous post I spent one week without access to non-HTTPS websites. It was difficult, but I managed it. It was a challenge to determine how much of the web is HTTPS yet. It went well, mostly thanks to CloudFlare, but got me thinking about HTTPS again.
See, one of the three benefits of using this, more secure, protocol is authenticity. When a website has a valid certificate, there’s a Certificate Authority out there somewhere that has explicitly marked this public/private key pair as trusted, and therefore your device inherently trusts it. More specifically, it marked this as trusted for only a specific domain or collection of domains, not for everything.
That means that in order to impersonate a website using HTTPS, the attacker will need access to a valid certificate for this particular domain and not just any CA-signed certificate. That means they either have to hack the server and somehow obtain the private key to an existing certificate, or hack a Certificate Authority in order to trick them into issuing a new one for them to use.
The last case, although not common, has actually happened in the past, at least a few times.
In one case, a prominent Dutch CA (DigiNotar) was compromised and the hackers were able to use the CA’s system to issue fake SSL certificates. The certificates were used to impersonate numerous sites in Iran, such as Gmail and Facebook, which enabled the operators of the fake sites to spy on unsuspecting site users. In another case, a Malaysian subordinate certificate authority (DigiCert Sdn. Bhd.), mistakenly issued 22 weak SSL certificates, which could be used to impersonate websites and sign malicious software. As a result, major browsers had to revoke their trust in all certificates issued by DigiCert Sdn. Bhd.
The more recent breach is the one that happened to StartCom, and it allegedly allowed hackers to issue invalid certificates, although the CA itself denied it happened.
These problems have caused the community to not trust Certificate Authorities and start working on alternative solutions such as DANE, and Convergence (which ironically makes no use of valid HTTPS in their website). These approaches completely eliminate the role of Certificate Authorities, although DANE is based on DNSSEC, which means you must place trust on IANA/ICANN, while Convergence requires you to trust any third party you wish.
Google took a different path in this direction, focusing on the existing Certificate Authority system, but adding safeguards to ensure there are no problems with the existing authorities. The project is called Certificate Transparency and requires all CAs to make each and every certificate they issue publicly available to anyone, without restrictions. This allows the website owners, the browsers, and anyone interested, to verify the actions of all authorities.
That means that if there is a certificate issued for your domain name, you can learn that immediately, and if you did not perform the action, take additional measures to revoke it, before any damage is caused.
Comodo, a well known CA, even created a search engine that allows you to search for all the certificates of a domain or subdomain, and even supports wildcards (such as www.%, although the results are too many to be returned in time).
In order for the system to work, there need to be publicly available and signed logs, and browsers can opt-in to trust specific logs. These logs can be created by anyone, however the largest ones to date are operated by Google. There is no restriction on who can post a new certificate there (even “non-trusted” CAs can do it), although each log may have a different policy. A current list of known logs is available in the Certificate Transparency website.
Google believes this log can increase the security of the users and help administrators understand when a bad certificate is available immediately, but several critics have accused it of creating a Super CA, although by the design of CT, it seems not to be the case.
About one month ago, May 2016 for those of you in the future, I created a tool, called CT-Size. It runs a check every one minute and asks a few known Certificate Transparency logs about the amount of certificates they contain. It then stores that in a database file, and creates graphs of the size over time. The tool is currently hosted on my website and is accessible at https://ct-size.daknob.net/. The current logs that are monitored are:
As you can see, the first three logs have over 18,000,000 certificates, and they are all included in Google Chrome.
Super CA or a way to protect users, Certificate Transparency clearly provides a lot of benefits and allows anyone to audit the practices of the up to recently blindly trusted CAs.
What do you think? Do you want to see more stats in CT-Size? Let me know in the comments below.