The most dangerous code in the world: validating SSL certificates in non-browser software
Authors: M. Georgiev, S. Iyengar, S. Jana, R. Anubhai, D. Boneh, and V. Shmatikov
Abstract:
SSL (Secure Sockets Layer) is the de facto standard for secure
Internet communications. Security of SSL connections against an active
network attacker depends on correctly validating public-key
certificates presented when the connection is established.
We demonstrate that SSL certificate validation is completely broken in
many security-critical applications and libraries. Vulnerable software
includes Amazon's EC2 Java library and all cloud clients based on it;
Amazon's and PayPal's merchant SDKs responsible for transmitting
payment details from e-commerce sites to payment gateways; integrated
shopping carts such as osCommerce, ZenCart, Ubercart, and PrestaShop;
AdMob code used by mobile websites; Chase mobile banking and several
other Android apps and libraries; Java Web-services middleware -
including Apache Axis, Axis 2, Codehaus XFire, and Pusher library for
Android - and all applications employing this middleware. Any SSL
connection from any of these programs is insecure against a
man-in-the-middle attack.
The root causes of these vulnerabilities are badly designed APIs of
SSL implementations (such as JSSE, OpenSSL, and GnuTLS) and
data-transport libraries (such as cURL) which present developers with
a confusing array of settings and options. We analyze perils and
pitfalls of SSL certificate validation in software based on these APIs
and present our recommendations.
Reference:
In Proceedings of ACM CCS '12, pp. 38-49, 2012
Full paper: pdf
Related papers:
- See our FAQ for a brief explanation of the issue uncovered in the paper.
- iSEC Partners released three tools to help developers avoid the types of errors discussed in the paper.