Systematic parsing of X.509: Eradicating security issues with a parse tree

Barenghi, Alessandro; Mainardi, Nicholas; Pelosi, Gerardo

doi:10.3233/jcs-171110

Cited by 3 publications

(3 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Chen et al [7] introduced SBDT and discovered several bugs in certificate parsers by employing differential testing. Barenghi et al [3] showed that 21.5% of the X.509 certificates are syntactically incorrect and proposed a more secure approach for parsing X.509 certificates. Debnath et al [13] re-engineered the X.509 standard specification alleviating its design complexity, ambiguities, or under-specifications.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Certificate Transparency Revisited: The Public Inspections on Third-party Monitors

Sun,

Lin,

Wang

et al. 2024

Proceedings 2024 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

The certificate transparency (CT) framework has been deployed to improve the accountability of the TLS certificate ecosystem. However, the current implementation of CT does not enforce or guarantee the correct behavior of third-party monitors, which are essential components of the CT framework, and raises security and reliability concerns. For example, recent studies [32], [33] reported that 5 popular third-party CT monitors cannot always return the complete set of certificates inquired by users, which fundamentally impairs the protection that CT aims to offer. This work revisits the CT design and proposes an additional component of the CT framework, CT watchers. A watcher acts as an inspector of third-party CT monitors to detect any misbehavior by inspecting the certificate search services of a third-party monitor and detecting any inconsistent results returned by multiple monitors. It also semi-automatically analyzes potential causes of the inconsistency, e.g., a monitor's misconfiguration, implementation flaws, etc. We implemented a prototype of the CT watcher and conducted a 52-day trial operation and several confirmation experiments involving 8.26M unique certificates of about 6,000 domains. From the results returned by 6 active thirdparty monitors in the wild, the prototype detected 14 potential design or implementation issues of these monitors, demonstrating its effectiveness in public inspections on third-party monitors and the potential to improve the overall reliability of CT.

show abstract

Section: Related Workmentioning

confidence: 99%

“…Cloudflare Monitoring, DigiCert Monitoring, EZMonitor, Hardenize and Report-URI provide only the subscription services and CT-Observatory was suspended in September 2018 3. Some monitors also use other name fields such as organization (O) and organizational unit (OU) as keywords 4.…”

mentioning

confidence: 99%

Certificate Transparency Revisited: The Public Inspections on Third-party Monitors

Sun,

Lin,

Wang

et al. 2024

Proceedings 2024 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

show abstract

“…Large body of prior research extends this line of work with the aim to improve the synthetic certificate generation process, including, but not limited to: Mucerts [20] that uses code coverage guidance, Coveringcerts [21] that uses combinatorial methods with theoretical guarantees, SymCerts [22] that adds symbolic execution, RFCcerts [23] that leverages certificate rules from protocol specification documents, Transcerts [24] that relies on coverage transfer graphs, NEZHA [25] that keeps track of behavioral asymmetries across multiple programs, and DRLgencert [26] that uses deep reinforcement learning to perform mutations on a certificate. Note that in contrast to these techniques that automatically generate synthetic certificates, Barenghi et al [27] work to first manually obtain a grammar for TLS certificates, and then build a parser to find legitimate issues in certificates that are missed by various implementations.…”

Section: Differential Testingmentioning

confidence: 99%

Measurement techniques to understand how diversity in TLS implementations & deployments influences protocol security

Paracha

View full text Add to dashboard Cite

TLS is a fundamental and widely-used network security protocol. On one hand, the protocol has undergone rigorous development over the past 25 years and offers sophisticated theoretical guarantees. At the same time, its adoption has grown from traditional computers to handheld devices and IoT ones, with these settings presenting varying constraints and caveats. As a consequence, a large number of TLS implementations and deployments exist and cater to different needs. Unfortunately, this results in a gap between what the protocol offers in theory vs how it works in practice; the diversity in the ecosystem not only increases the probability of a mistake during protocol development and use, but also leads to customizations with unexpected side effects.The thesis of this dissertation is that the rich diversity in TLS implementations & deployments introduces opportunities to harm protocol security, and that the harms can be identified (and mitigated) using rigorous measurement techniques.My work sheds light on previously unexplored aspects of TLS deployment in three different settings; web, mobile and IoT devices. More specifically, I (a) study web content availability and consistency over HTTP/S to better understand the obstacles to a TLS-by-default web, (b) conduct longitudinal experiments on a large number of consumer IoT devices to evaluate TLS effectiveness in that setting, and (c) revisit certificate pinning policies in mobile applications to examine implementations with advanced network security techniques that go beyond what the protocol offers.In addition to exploring diversity in deployments, my work leverages the diversity in TLS implementations alongside recent advances in generative language models to automate bug discovery. More specifically, I present a novel approach of generating synthetic TLS certificates using language models that reveal a wide range of previously unobserved and interesting implementation differences with security implications.My work has led to vulnerability disclosures, a security feature at a major CDN provider, a presentation at an IRTF body to inform protocol engineering, and novel auditing techniques that enable greater transparency about real-world protocol effectiveness. I believe the insights from my work can assist in better modeling of software security beyond TLS, the techniques proposed push state-of-the-art for network measurement, and the use of language models to generate synthetic test cases can prove valuable in domains where software inputs can be expressed in natural language.

show abstract

Revisiting the Challenges of Input Parsing for Robust and Secure Software

Pipek

Pirker

2019

2019 International Conference on Software Security and Assurance (ICSSA)

View full text Add to dashboard Cite

Systematic parsing of X.509: Eradicating security issues with a parse tree

Cited by 3 publications

References 19 publications

Certificate Transparency Revisited: The Public Inspections on Third-party Monitors

Certificate Transparency Revisited: The Public Inspections on Third-party Monitors

Measurement techniques to understand how diversity in TLS implementations & deployments influences protocol security

Revisiting the Challenges of Input Parsing for Robust and Secure Software

Contact Info

Product

Resources

About