8 Best Tips to Avoid Danger of Wildcard TLS Certificates, the ALPACA Technique
Wildcard certificates are often used to authenticate multiple servers, saving organizations time and money. Wildcard certificates have legitimate uses but can confer risk from poorly secured servers to other servers in the same certificate’s scope.
A new style of web application exploitation, dubbed “ALPACA,” increases the risk from using broadly scoped wildcard certificates to verify server identities during the Transport Layer Security (TLS) handshake.
Application Layer Protocols Allowing Cross-Protocol Attack (ALPACA) is a technique used to exploit hardened web applications through non-HTTP (Hypertext Transfer Protocol) services secured using the same or a similar TLS certificate.
This Cybersecurity Information Sheet details the risks from wildcard certificates and ALPACA and provides mitigations for both. Administrators should assess their environments to ensure that their certificate usage, especially the use of wildcard certificates, does not create unmitigated risks and that their organizations’ web servers are not vulnerable to ALPACA techniques.
The internet is a dangerous place. With so many people trying to access your website, hackers are more than willing to find vulnerabilities in the system and exploit them. If you haven’t heard of TLS certificates, you’re not alone. However, they are essential for protecting your site from hackers accessing it without permission or tricking users into giving up their personal information. This blog post discusses eight tips that will help you avoid the danger of wildcard TLS certificates and the ALPACA technique.
1. Understanding the Scope of each Wildcard Certificate Used in your Organization
Wildcard certificates can be an excellent tool for smaller companies. For instance, wildcard certs may help secure your environment without breaking the bank if you have a small blog network with various subdomains. Large organizations often use wildcards to mask more extensive TLS certificates that would otherwise impose more cost on the business and users of the website. In this case, it’s essential to know how many wildcards you have and where they are used throughout your environment. Having a comprehensive list of all TLS certificates in your organization is crucial for understanding the threat landscape.
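One way to turn such a list into a scope review, as an added example that is not from the original post: the Python sketch below matches each certificate's names against a listener inventory and reports where a non-HTTP service presents a certificate that would also validate for an HTTPS host name, which is the overlap ALPACA depends on. The certificate labels, hostnames, ports and function names are constructed for illustration.

```python
# Added example: map wildcard certificate scope onto a TLS listener inventory.
# All certificate names, hostnames and ports below are constructed sample data.

CERTS = {  # certificate label -> subjectAltName DNS entries
    "corp-wildcard": ["*.example.com", "example.com"],
    "shop-single": ["shop.example.net"],
}
LISTENERS = [  # (hostname, port, protocol, certificate presented)
    ("www.example.com", 443, "https", "corp-wildcard"),
    ("mail.example.com", 993, "imaps", "corp-wildcard"),
    ("ftp.example.com", 990, "ftps", "corp-wildcard"),
    ("shop.example.net", 443, "https", "shop-single"),
]

def san_matches(pattern, hostname):
    """RFC 6125-style match: '*' is only honoured as the entire left-most
    label and stands for exactly one label. Refusing '*.tld' is a
    conservative choice made for this example."""
    p = pattern.lower().rstrip(".").split(".")
    h = hostname.lower().rstrip(".").split(".")
    if len(p) != len(h) or "" in h:
        return False
    if p[0] == "*":
        return len(p) > 2 and p[1:] == h[1:]
    return p == h

def wildcard_scope(certs, listeners):
    """Listeners presenting each certificate that carries a wildcard SAN."""
    return {name: [f"{h}:{port}" for h, port, _, c in listeners if c == name]
            for name, sans in certs.items()
            if any(s.startswith("*.") for s in sans)}

def cross_protocol_exposure(certs, listeners):
    """(web host, non-HTTP listener, protocol) triples where the non-HTTP
    service's certificate would also validate for the HTTPS host name."""
    findings = []
    web_hosts = [h for h, _, proto, _ in listeners if proto == "https"]
    for host, port, proto, cert in listeners:
        if proto == "https":
            continue
        for web in web_hosts:
            if any(san_matches(s, web) for s in certs[cert]):
                findings.append((web, f"{host}:{port}", proto))
    return findings

if __name__ == "__main__":
    print(wildcard_scope(CERTS, LISTENERS))
    for finding in cross_protocol_exposure(CERTS, LISTENERS):
        print("shared scope:", finding)
```

Each reported triple is a candidate for a narrower, service-specific certificate.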
2. Using an Application Gateway or Web Application Firewall in Front of Servers
If you can deploy an application gateway or web application firewall in front of your servers, it can help remove wildcards dynamically before requests are ever made. This would allow for more flexibility in the number of subdomains covered, which could result in drastic savings for your TLS certificates. For example, many companies have a cost-effective multi-domain wildcard TLS certificate used in place of individual single-name certificates for each subdomain. If you use an application gateway to add proxies dynamically, you can ensure the proxied hostname matches the original request.
3. Using Encrypted DNS and Validating DNS Security Extensions to Prevent DNS Redirection
DNS poisoning is a technique attackers use to redirect requests for your website or service to an incorrect destination. Attackers may also intercept DNS queries and respond with false responses before the request reaches your server, rendering encryption useless. Using encrypted DNS prevents the attacker from being able to interfere with traffic to your host. All data is encrypted on the network when using HTTPS, and DNS poisoning or tampering is not possible. However, attackers may be able to compromise your DNS server and use a valid signed TLS certificate instead of a wildcard for validation. You can prevent this using DNSSEC Validation to ensure your network accepts only accurate responses.
4. Enabling Application-Layer Protocol Negotiation (ALPN) on your Server
This is a protocol that will help negotiate the best possible encryption for your server. If both browsers and applications support ALPN, it can negotiate an application-layer protocol to protect traffic between the client and the server. If only the browser supports ALPN, TLS 1.2 or later can still use HTTP/2 to encrypt and multiplex traffic. This is an upgrade from HTTP/1.1, where only one request or response could be communicated at a time between client and server. Implementing this option on your HTTPS servers will ensure the best performance for your users while staying protected from wildcard TLS certificates by preventing downgrade attacks.
5. Maintaining Web Browsers at the Latest Version with Current Updates
Keeping your web browsers updated is essential for staying protected from the latest security threats. For instance, Firefox version 52 and higher prevent users from falling victim to insecure pseudorandom number generator (PRNG) seeding, which leaves TLS and other cryptographic operations vulnerable to attack. Mozilla has added a “recommended” rating next to hosts with bad secure randomness under Preferences > Privacy & Security.
Additionally, Google Chrome has publicly denounced websites with the “DigiCert Secure Site Pro Wildcard” in an attempt to reduce TLS certificates using key sizes less than 2048 bits. It has added a similar warning for sites that allow RC4 cipher suites. Browsers will continue to show warnings until more of the web moves away from TLS 1.0 and 1.1, which are far less secure than the current TLS 1.2 standard. Updates to your browsers will ensure a safer browsing experience for your users and help you defend against wildcard certificates issued with weak cryptography or key sizes.
6. Utilizing HTTP Public Key Pinning Extension for HTTP/2 (HPKP)
HTTP Public Key Pinning (HPKP) is a security policy mechanism employed to help prevent man-in-the-middle (MITM) attacks. The goal of HPKP is to declare which certificate authorities (CAs) are authorized to issue certificates for specific domains, and browsers enforce this policy by refusing to connect to hosts with invalid certificates.
Using HPKP will help ensure that your clients are connecting to the correct servers and valid HTTPS hosts. If you want to defend against wildcard certificates, this tactic may work best for you since if an attacker attempts to issue a certificate for your domain, it won’t match up with the pinned keys in browsers that support HPKP. Additionally, suppose an attacker successfully hijacks your domain using a man-in-the-middle attack like DNS poisoning. In that case, the certificate will fail to match up with the pinned keys, and your users will be protected.
7. Employing HTTP Strict Transport Security (HSTS)
HTTP Strict Transport Security (HSTS) is an excellent security mechanism that ensures your users only connect to your website using HTTPS. When enabled, it tells the browser to force all connections to your site over a secure connection. If you’re running TLS but not enforcing it with HSTS, you are leaving yourself open to downgrade attacks. For example, an attacker may want to block all traffic on port 443 by poisoning your DNS settings to redirect traffic for your site.
If the connection is HTTP instead of HTTPS, that person will successfully block you from communicating with users. Enabling HSTS headers ensures that this type of attack will fail to stop you from connecting with your users because browsers will automatically upgrade all connections to HTTPS. Since this is a site-wide header, it also prevents any insecure form submissions or any other contact with non-HTTP/S links.
8. Utilizing TLS/SSL Certificates from a Trusted Certificate Authority
When it comes to using valid SSL Certificates for your servers, you need to trust the issuer. To illustrate, self-signed certificates are not trusted by default in web browsers like Internet Explorer and Chrome. Although they can be manually accepted, it’s essential that users only connect to your servers using trusted certificates. If you decide to purchase security certificates from a Certificate Authority, make sure they are audited and that employees undergo background checks. For instance, if the company behind your certificate has poor business practices or weak protocols, your users may be at risk if their infrastructure is breached. Always research the companies you do business with before agreeing.
The world of SSL is rapidly changing, and the days of using 1024-bit certificates are long gone. Cybercriminals continue to break new records in speed and scale, so organizations need to be proactive in their approach to mitigating risks before attackers strike. Utilizing all eight recommendations outlined above will ensure your organization protects critical assets while simultaneously providing a safe user experience.
Please visit the NSA website for more information.