Certificate Pinning in Mobile Applications
6 likes6,151 views
The document discusses certificate pinning and provides information on implementing it for Android, iOS, and Windows platforms. It describes certificate pinning as associating a host with an expected certificate or public key to prevent man-in-the-middle attacks. The document outlines pros and cons of certificate pinning, and provides code examples and links to resources for implementing pinning on different mobile platforms.
![11
Pinning is accomplished through a custom X509TrustManager API. Google
Chrome PubKey pinning style.
Customized version of TrustManager from Moxie Marlinspike available at:
https://github.com/moxie0/AndroidPinning
public PinningTrustManager(SystemKeyStore keyStore, String[] pins, long
enforceUntilTimestampMillis) {
this.systemTrustManagers = initializeSystemTrustManagers(keyStore);
this.systemKeyStore = keyStore;
this.enforceUntilTimestampMillis = enforceUntilTimestampMillis;
for (String pin : pins) {
this.pins.add(hexStringToByteArray(pin));
}
}
Constructs a PinningTrustManager with a set of valid pins.
@param keyStore A SystemKeyStore that validation will be based on.
@param pins An array of encoded pins to match a seen certificate chain against. A pin is a hex-
encoded hash of a X.509 certificate's SubjectPublicKeyInfo. A pin can be generated using the
provided ./tools/pin.py certificate_file.pem
@param enforceUntilTimestampMillis A timestamp (in milliseconds) when pins will stop being
enforced. Normal non-pinned certificate validation will continue. Set this to some period after your
build date, or to 0 to enforce pins forever.](https://image.slidesharecdn.com/certificatepinninginmobileapplicationsprosconsv-150305162212-conversion-gate01/85/Certificate-Pinning-in-Mobile-Applications-11-320.jpg)
Certificate Pinning in Mobile Applications
- 1. OWASP Lithuania - Luca Bongiorni – 05/03/2015
- 2. Introduction to Pinning Why is good to have it... State of Art – Android / iOS / Win Conclusion – Pros & Cons 2
- 3. 3 Mobile applications frequently do not protect network traffic. They may use SSL/TLS during authentication but not elsewhere. This inconsistency leads to the risk of exposing data and session IDs to interception. Business Impact Loss of Confidentiality and Integrity Company’s reputation at risk Incident response costs $$$ Possible legal issues (e.g. violation of ISO/PCI requirements) Mitigation Use End-to-End encryption between browser and web server (HTTPS) ► SSL/TLS ► Certificate Pinning !
- 4. 4 Pinning is the process of associating a host with their expected *{X509 certificate || public key}. Once a certificate or public key is known or seen for a host, the certificate or public key is associated or 'pinned' to the host. <…> • The pre-existing relationship between the user and an organization helps make better security related decisions. • No longer needs to depend on others (e.g. CAs) when making security decisions relating to a peer's identity!
- 5. 5 The certificate is easiest to pin. When the certificate expires, you would update your application. Public key pinning is more flexible but a little trickier due to the extra steps necessary to extract the public key from a certificate. o As with a certificate, the program checks the extracted public key with its embedded copy of the public key. o It is harder to work with keys (Vs. certificates) since you usually must extract the key from the certificate. Extraction is a minor inconvenience in Java, buts its uncomfortable in Cocoa and OpenSSL. o The key is static and may violate key rotation policies.
- 6. Introduction to Pinning Why is good to have it... State of Art – Android / iOS / Win Conclusion – Pros & Cons 6
- 7. 7 “An IMSI-Catcher (International Mobile Subscriber Identity) is a telephony eavesdropping device used for intercepting mobile phone traffic and tracking movement of subscribers. Essentially a "fake" mobile tower acting between the target mobile phone and the MNO's real BTSes, it is considered a Man-In-The-Middle (MITM) attack.” Fake WiFi AP + jam real AP? ARP Poisoning?… Old known boring threats.
- 8. 8
- 9. 9
- 10. Introduction to Pinning Why is good to have it... State of Art – Android / iOS / Win Conclusion – Pros & Cons 10
- 11. 11 Pinning is accomplished through a custom X509TrustManager API. Google Chrome PubKey pinning style. Customized version of TrustManager from Moxie Marlinspike available at: https://github.com/moxie0/AndroidPinning public PinningTrustManager(SystemKeyStore keyStore, String[] pins, long enforceUntilTimestampMillis) { this.systemTrustManagers = initializeSystemTrustManagers(keyStore); this.systemKeyStore = keyStore; this.enforceUntilTimestampMillis = enforceUntilTimestampMillis; for (String pin : pins) { this.pins.add(hexStringToByteArray(pin)); } } Constructs a PinningTrustManager with a set of valid pins. @param keyStore A SystemKeyStore that validation will be based on. @param pins An array of encoded pins to match a seen certificate chain against. A pin is a hex- encoded hash of a X.509 certificate's SubjectPublicKeyInfo. A pin can be generated using the provided ./tools/pin.py certificate_file.pem @param enforceUntilTimestampMillis A timestamp (in milliseconds) when pins will stop being enforced. Normal non-pinned certificate validation will continue. Set this to some period after your build date, or to 0 to enforce pins forever.
- 12. 12 The method used to Ping Certificates is :connection:willSendRequestForAuthenticationChallenge: inside the NSURLConnectionDelegate protocol. This method gets called when an SSL connection is made, giving the developer, a chance to inspect the authentication challenge and either proceed or fail. The code below shows how you can check the certificate sent by the server, with a known certificate embedded in your applications.
- 13. After doing await and socket.UpgradeToSslAsync(), check socket.Information.ServerCertificate for the cert that was provided by the server. You can verify that it's the cert you were expecting before you send any data. 13 The majority of Windows Phone 8 applications on the Marketplace lack certificate pinning due to the difficulty of implementing this security measure on the platform. Possible solutions: • For Win 8.0: Use an open source third party library for SSL such as OpenSSL or Bouncy Castle crypto Libs and attempt to build for Windows Phone. Cons: It may require significant effort to implement correctly. • For Win 8.0: Use a commercial library supporting SSL pinning: SecureBlackBox (https://www.eldos.com/sbb/). Cons: $$$ • >= Win 8.1: Thanks to the use of StreamSocket we can read the contents of the certificate via StreamSocket.Information.ServerCertificate property. StreamSocket s = new StreamSocket(); await s.ConnectAsync(new HostName(SrvURL), "443"); s.UpgradeToSslAsync(SocketProtectionLevel.Ssl, new HostName(SrvURL)); var certificate = s.Information.ServerCertificate;
- 14. Introduction to Pinning Why is good to have it... State of Art – Android / iOS / Win Conclusion – Pros & Cons 14
- 15. PROS 15 Better Security: Drastically reduce the ability to conduct successful MITM attacks. Not Hard to Implement: Not as difficult as it seems to implement a basic certificate pinning. Cost Saving: By using a self-signed certificate is possible reduce the costs, instead of paying for a certificate. • Possible problems in case of Certificate or PubKey revocation. • Egress filtering in a corporate environment (i.e. Interception Proxy) • The certificate embedded in your app will eventually expire. Your have to either plan for an app update that contains an updated certificate, or code a way for the application to download the new certificate, which is hardly achievable in practice. CONS
- 16. 16 • https://www.owasp.org/index.php/Mobile_Top_10_2014-M3 • https://www.owasp.org/index.php/Certificate_and_Public_Key_Pinning • https://tools.ietf.org/html/draft-ietf-websec-key-pinning-21 • https://www.owasp.org/index.php/Pinning_Cheat_Sheet • http://www.thoughtcrime.org/blog/authenticity-is-broken-in-ssl-but-your-app-ha/ • http://developer.android.com/reference/android/net/http/X509TrustManagerExte nsions.html • https://www.isecpartners.com/blog/2013/february/ssl-pinning-on-ios.aspx • www.doubleencore.com/2013/03/ssl-pinning-for-increased-app-security/ • http://blog.soat.fr/2014/11/wp8-problematique-du-certificate-pinning/ • http://www.slideshare.net/iazza/dcm-final-23052013fullycensored • http://chargen.matasano.com/chargen/2015/1/6/bypassing-openssl-certificate- pinning-in-ios-apps.html
- 17. 17