

  • Number of slides: 22

Pretty-Bad-Proxy: An Overlooked Adversary in Browsers’ HTTPS Deployments. Shuo Chen†, Ziqing Mao†‡, Yi-Min Wang†, Ming Zhang†. †Microsoft Research, ‡Purdue University. May 20th, 2009. IEEE Symposium on Security and Privacy, May 2009.

HTTPS and Its Adversary Assumption (slide 2). HTTPS: end-to-end secure protocol for web traffic. Adversary assumption: MITM (man-in-the-middle). Diagram labels: browser, proxy, Internet, HTTPS server, SSL tunnel. Are today’s browser implementations consistent with this assumption?

Our research (slide 3). Key finding: a class of browser vulnerabilities (demo); a proxy can defeat the end-to-end security promised by HTTPS; vulnerabilities exist in all major browsers. Industry outreach: technical work finished in summer 2007; paper withheld until this conference; worked with all vendors to address the issues.

The Pretty-Bad-Proxy (PBP) adversary (slide 4). Diagram labels: Browser (rendering modules, HTTP/HTTPS), PBP, HTTPS server; unencrypted TCP/IP; SSL tunnel, encrypted.

Attacks in this talk (slide 5). Key issue: browsers load unencrypted content from the proxy in the HTTPS context of the victim server.
  • Attack 1: proxy’s error response
  • Attack 2: proxy’s redirection
  • Attack 3: HTTP-intended pages that are HTTPS-loadable
  • Attack 4: visual context (GUI behavior, no script)

Attack 1: error response. Proxy’s error page, e.g. a 502 server-not-found or another 4xx/5xx response; script in the error page runs in https://bank.com. Diagram labels: browser, PBP, Bank server (https://bank.com), “502: Server not found”, “https://bank.com”, “src=”.
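As an added example (not code from the paper, the slides or any browser), the following Python models the decision Attack 1 hinges on: which origin a browser assigns to the plaintext reply a proxy returns to a CONNECT request for an HTTPS site. The host bank.com is the talk's; the 502 reply and the rule that a 200 carrying a body does not open the tunnel are constructed assumptions of this model.

```python
# Added example, not from the paper or slides: a model of how a browser should
# treat the plaintext reply a proxy sends to "CONNECT bank.com:443". The 502
# reply below is constructed; bank.com is the talk's example host.
from dataclasses import dataclass

@dataclass
class ProxyReply:
    status: int
    headers: dict
    body: bytes

def parse_proxy_reply(raw: bytes) -> ProxyReply:
    """Parse the HTTP/1.x reply the proxy sends in the clear to CONNECT."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.split(b"\r\n")
    status = int(lines[0].split()[1])
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(b":")
        headers[name.strip().lower().decode()] = value.strip().decode()
    return ProxyReply(status, headers, body)

def vulnerable_render(target_host: str, reply: ProxyReply):
    """Pre-fix behaviour the talk describes: a non-200 proxy reply is shown as a
    page in the requested site's origin, so script in it runs as https://<host>."""
    if reply.status == 200:
        return None  # tunnel opened; the TLS handshake follows
    return {"origin": f"https://{target_host}", "body": reply.body}

def hardened_render(target_host: str, reply: ProxyReply):
    """Hardened behaviour: the reply precedes any TLS handshake, so the target has
    authenticated none of it. Only a body-less 200 opens the tunnel (assumption of
    this model); anything else is a browser-generated error page, no proxy content."""
    if reply.status == 200 and not reply.body:
        return None
    return {"origin": "browser-internal-error", "body": b""}

# Constructed sample: the proxy answers CONNECT with its own 502 page.
SAMPLE_502 = (
    b"HTTP/1.1 502 Server not found\r\n"
    b"Content-Type: text/html\r\n\r\n"
    b"<html><body>502: Server not found</body></html>"
)

def compare(raw: bytes, target_host: str = "bank.com") -> dict:
    """What each model renders for the same proxy reply."""
    reply = parse_proxy_reply(raw)
    return {"vulnerable": vulnerable_render(target_host, reply),
            "hardened": hardened_render(target_host, reply)}
```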