Master Thesis Defense - June 13, 2018: Analyzing TLS Interception in Middleware Network Appliances
Wednesday, June 13, 2018 at 10:30 a.m.
You are invited to attend the following M.A.Sc. (Information Systems Security) thesis examination.
Dr. J. Bentahar, Chair
Dr. A. Youssef, Supervisor
Dr. M. Mannan, CIISE Examiner
Dr. K. Galal, External Examiner (BCEE)
Network traffic inspection, including TLS traffic, is widely practiced in enterprise environments. The reasons are primarily related to improving enterprise security (e.g., phishing and malicious traffic detection) and meeting legal requirements (e.g., preventing unauthorized data leakage, complying with laws such as the US Health Insurance Portability and Accountability Act, HIPAA). To be able to analyze TLS-encrypted data, network appliances implement a Man-in-the-Middle TLS proxy, acting as the intended web server to a requesting client (e.g., a browser) and as the client to the actual/outside web server. As such, the TLS proxy must implement both a TLS client and a TLS server that can handle a large amount of traffic (preferably in real time). However, as protocol and implementation layer vulnerabilities in TLS/HTTPS are quite frequent, these proxies must be at least as secure as a modern, up-to-date web browser (e.g., Chrome, Firefox) and a properly configured web server (e.g., an A+ rating in SSLlabs.com). As opposed to client-end TLS proxies (e.g., as implemented in several anti-virus products), the proxies in network appliances may serve tens to hundreds of clients, and any vulnerability in their TLS implementations can significantly downgrade an enterprise's security level.
To analyze TLS security of network appliances, we develop a comprehensive testing framework, by combining and extending tests from existing work on client-end and network-based interception studies. We analyze 13 representative network appliances over a period of more than a year (including multiple product versions, before and after notifying affected vendors, a total of 17 versions), and uncover several security issues regarding TLS version and certificate parameters mapping, CA trusted stores, private keys, and certificate validation tests. For instance, we found that four appliances perform no certificate validation at all, three use pre-generated certificates, and 11 accept certificates signed using the MD5 algorithm, exposing their end-clients to MITM attacks. Our goal is to highlight the risks introduced by widely-used TLS proxies in enterprise and government environments, potentially affecting many systems hosting security, privacy, and financially sensitive data.
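To illustrate the "TLS version and certificate parameters mapping" issue named above, the following added example (not code from the thesis or its testing framework) compares what a proxy presents to the client with what it negotiated upstream. The strength rankings, the `Leg` and `audit_mapping` names, the rule that a mismatch in either direction is a finding, and the sample observations are all assumptions of this sketch.

```python
from dataclasses import dataclass

# Weakest to strongest. These rankings are this example's assumption.
TLS_RANK = {"SSLv3": 0, "TLSv1.0": 1, "TLSv1.1": 2, "TLSv1.2": 3, "TLSv1.3": 4}
HASH_RANK = {"md5": 0, "sha1": 1, "sha256": 2, "sha384": 3, "sha512": 4}


@dataclass(frozen=True)
class Leg:
    """Parameters observed on one side of the intercepting proxy."""
    tls_version: str  # negotiated protocol version
    key_bits: int     # RSA key size of the leaf certificate presented
    sig_hash: str     # hash used in that certificate's signature


def audit_mapping(client_leg, server_leg):
    """Return findings where the client-facing leg misrepresents the upstream leg."""
    pairs = {
        "tls_version": (TLS_RANK[client_leg.tls_version], TLS_RANK[server_leg.tls_version]),
        "key_bits": (client_leg.key_bits, server_leg.key_bits),
        "sig_hash": (HASH_RANK[client_leg.sig_hash], HASH_RANK[server_leg.sig_hash]),
    }
    findings = []
    for name, (client, server) in pairs.items():
        if client < server:
            findings.append(f"{name}: client leg weaker than upstream")
        elif client > server:
            findings.append(f"{name}: weaker upstream hidden from client")
    # An MD5-signed upstream certificate should have been rejected, not relayed.
    if server_leg.sig_hash == "md5":
        findings.append("sig_hash: MD5-signed upstream certificate accepted")
    return findings


# Constructed observations for three hypothetical appliances (not thesis data).
# Each entry is (client-facing leg, upstream leg).
OBSERVATIONS = {
    "appliance-a": (Leg("TLSv1.2", 2048, "sha256"), Leg("TLSv1.2", 2048, "sha256")),
    "appliance-b": (Leg("TLSv1.2", 2048, "sha256"), Leg("TLSv1.0", 512, "md5")),
    "appliance-c": (Leg("TLSv1.0", 1024, "sha1"), Leg("TLSv1.2", 2048, "sha256")),
}

if __name__ == "__main__":
    for name, (client_leg, server_leg) in OBSERVATIONS.items():
        findings = audit_mapping(client_leg, server_leg)
        print(name, "OK" if not findings else findings)
```

The "hidden" case matters because the browser only ever sees the proxy's certificate and protocol version, so it cannot warn the user about a weak upstream connection on its own.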