A secure connection to websites is vital to ensure sensitive data is not stolen in transit, and this process is accomplished through Secure Sockets Layer (SSL) via SSL certificates. What is an SSL certificate, you may ask? An SSL certificate moves your connection from an HTTP connection to an HTTPS connection. HTTP, or Hypertext Transfer Protocol, is an insecure connection between a web browser and a website. The reason HTTP is so insecure is due to its lack of encryption of data, which is what HTTPS does. HTTPS, or Hypertext Transfer Protocol Secure, implements encryption of data-in-transit to ensure that even if a Man in the Middle (MITM) attack occurred, that data would not be readable to the threat actor. SSL stripping bypasses this, however. With SSL stripping, attackers can implement a MITM attack and change the connection from an HTTPS connection to the unprotected HTTP connection. Before we look at how an SSL strip works, first we need to answer a common question: what is SSL?
SSL, more commonly known as Transport Layer Security (TLS) or SSL/TLS, is method of encrypting traffic through the Internet and authenticating a server’s identity. This encryption is accomplished through the TLS Handshake. When a user tries to connect to a webserver through their browser, they initiate a TCP Handshake and then a TLS Handshake between the client and server. A TCP Handshake is fairly straightforward, compared to a TLS Handshake. The TCP Handshake starts with a SYN message from the client to the server, as you can see in the above diagram. A SYN message contains a sequence number set by the client, which is then acknowledged by the server by its incrementation of the sequence number. The incremented sequence number is sent to the client, to acknowledge that server received it. Along with the incremented number, the server also sends its own chosen sequence number to be acknowledged by the client. The client’s acknowledged sequence number as well as the server’s sequence number are sent in a message called a SYN/ACK. The final step of a TCP Handshake occurs when the client acknowledges the server’s sequence number, through incrementation, in the ACK message.
The TCP Handshake is unencrypted, as its only purpose is to connect the client and server in the first place. The TLS Handshake is where encryption comes in. A TLS Handshake includes several steps, beginning with the Client Hello:
Client Hello message: The Client Hello initiates contact between the client and server. The client sends a “hello” message to the server. This “hello contains SSL/TLS information necessary for a proper TLS connection, including SSL/TLS version and the cipher suites supported by the client for server use, and a string of random bytes referred to as the “client random”.
Server Hello message: The Server Hello is sent in response to the Client Hello. Contained within the Server Hello are the server’s SSL certificate, the chosen cipher suite of the server, and the “server random”. Like the “client random”, this is another random string of bytes.
Authentication of the server’s SSL certificate: The next step in the TLS Handshake is that the client authenticates that the server’s SSL certificate is valid and owned by who the server says it is. This process is done by the client checking with the Certificate Authority (CA) who issued the certificate and verifying this information.
The premaster secret: The client then sends another random string of bytes to the server, encrypted with the server’s public key. When a keypair is created, it contains a public key and private key, known by all and known by no one but the creator, respectively. As only the keypair owner knows the private key, anything encrypted by the server’s public key can only be decrypted with the server’s private key. This step adds another way to verify the identity of the server.
Premaster secret decryption: The private key of the server is used to decrypt the premaster secret, verifying the server’s identity to the client.
Session key creation: Using the “client random”, the “server random”, and the premaster secret, both the client and the server generate a session key. If the server and client both have the correct keys, meaning they are who they say they are, the session keys created should be identical.
Client Finished message: The client sends the server a message that says “Finished”, which is encrypted with the session key. If the server is who it says it is, they should be able to decrypt the message, as they should have generated the same session key.
Server Finished message: The server sends the client a message that says “Finished”, which is encrypted with the session key. If the client is who they say they are, they should be able to decrypt the message, as they should have generated the same session key.
Secure symmetric encryption is used: Now, using asymmetric encryption, a symmetric encryption connection is setup. Asymmetric encryption involves the use of two keys, while symmetric encryption involves only one key. The client and server will now use the generated session key to symmetrically encrypt all of their communications.
Now that we have answered the question of what is SSL, we can see how SSL stripping occurs.
The process of SSL stripping is a fairly straightforward Man in the Middle attack. An SSL strip, as the name implies, strips a connection from an HTTPS connection to a lesser HTTP connection. The attacker does this by setting themselves up in the middle of the connection between the client and the server. This allows the threat actor to intercept all traffic between the client and the server. As a connection is started with the unencrypted TCP Handshake, this is where the SSL stripping occurs. How it works is the user sends a request to the server to access a webpage, like https://www.example.com. The attacker intercepts that message, but sends it along to the anyways. The reason they send it to the server is to receive the SYN/ACK. It sends out to the client after receiving the website request. Now, the threat actor sends the website connection back to the client, but instead of the original website requested, it is instead http://www.example.com.
Since the connection is now HTTP instead of HTTPS, every message, including any sensitive data, sent across the connection is visible to the man in the middle. This includes passwords, usernames, and bank account information sent along by the user. Threat actors could also potentially setup a proxy server with a similar name to the requested server, allowing them to further infect a victim with malware. Setting up of a proxy server with SSL stripping is a much more successful way of following victims compared to phishing attacks. Phishing attacks are a method of fooling a victim into visiting a webpage that looks legitimate, allowing the attacker to steal sensitive information entered into different fields by the victim. With SSL stripping, a user may never know they have been giving attackers sensitive information. Attackers can implement SSL stripping with either ARP spoofing, a proxy server, or by using Hotspot. Now that we know how SSL stripping works, let’s see how to detect if SSL stripping has occurred, and how to protect from it.
Detection and Best Practices
SSL stripping can be detected a number of different ways. The most obvious way to note if your connection has been through SSL stripping is looking at the web address in the search bar. The web address will have http next to the web address, as opposed to https, if SSL stripping has occurred. Also, you will note that the padlock at the left end of the search bar will look unlocked or red, meaning the connection is not in the HTTPS format you desire. Another way to find out that SSL stripping has occurred is by noting any faulty design details in the website. If you suspect SSL stripping has occurred, finding miniscule details on the webpage that look much different than the legitimate page can tip you off. Things like slightly tweaked company logos, a lack of multiple pages within the website, or even spelling errors can let you know that this isn’t the website you think it is.
Once SSL stripping is detected, the next step is thwarting it, now and in the future. One of the best prevention methods for stopping SSL stripping is noting irregularities in the search bar or webpage in the first place. Once you are alert for this threat, you can constantly be on the lookout for SSL stripping attacks. Team members within your organization should also be aware of this threat to protect themselves and the company from SSL stripping. Training classes via experienced team members or trained professionals will go a long way towards safeguarding sensitive data. Another way to protect web browsers from SSL stripping is through manually entry of the URL in the search bar. Most Man in the Middle attacks are started via redirections from one website to the target website. With this redirection, an attacker can set up in the middle of a data exchange between a client and server. By entering the URL into the search bar by your own hand, you can stop the Man in the Middle attack from beginning in the first place.
Browser extensions are another strong method of stopping both Man in the Middle attacks and SSL stripping. Extensions like HTTPS Everywhere use domain and rule lists to handle page calls through HTTPS connections, meaning all calls to web pages are done through HTTPS connections exclusively. If you work as a website administrator, you should also follow certain best practices to ensure SSL stripping cannot occur with your website. The main way to do this is by enabling SSL sitewide. Many threat actors take advantage of websites with SSL only enabled on one web page, but by enabling SSL sitewide attackers will have more difficulty setting up an SSL stripping operation. Even pictures and links within webpages should be protected with SSL certificates.
One of the biggest protection methods from SSL stripping is the use of HTTP Strict Transport Security. HTTP Strict Transport Security, or HSTS, is a policy where websites only allow connections utilizing HTTPS connections. This stops attackers from using SSL stripping to connect users to websites via HTTP connections. Requests that use an HTTP connection will automatically be rerouted to an HTTPS connection with HSTS in place. Once HTTP Strict Transport Security is in place, your domain name can be added to the HSTS preload list. This list is used by many search engines including Google Chrome, Mozilla Firefox, and other big search engines to prevent any HTTP connections to that browser. Included with the domain name of your web browser in the preload list is any subdomains and Top Level Domains. Also, certain Top Level Domains (TLDs), like .APP, are on the preload list by default. This means any .APP website is automatically encrypted with HTTPS, and never HTTP.
A few final steps you can utilize in your environment to protect from SSL stripping are as follows:
Usage of Virtual Private Networks: Virtual Private Networks, or VPNS, protect user data on websites no matter the connection type. If a user is using a VPN when viewing an HTTP website, data remains encrypted due to the Virtual Private Network. This extra layer of security can help an entire network or a single user.
Avoidance of public Wi-fi: Public Wi-fi hotspots, especially airport Wi-fi hotspots, are perfect for Man in the Middle attacks. Sensitive data can be easily intercepted, or user can be redirected to malicious websites, via public Wi-fi.
Cookies and bookmarks: If you are on a trusted network, bookmark your websites where you enter sensitive information. Once you reach a website with HTTPS, like a banking website, bookmark that secure website for future use, as the bookmarked website will always have an HTTPS connection. Along with this, enabling secure cookies ensures that all cookie data is served with secure traits.
Unknown links and HTTPS: The most obvious, but still frequently occurring, way to stop SSL stripping is by never clicking suspicious links and never accepting a connection to a website without HTTPS. If a website has an HTTP connection, leave the website and retype the URL.
How Encryption Consulting Can Protect You
A number of our services at Encryption Consulting can help defend your organization against attacks like SSL stripping. Our Encryption Advisory services can help your company identify any security gaps within your IT infrastructure, including missing or expired Secure Sockets Layer certificates. We then design and implement a plan to cover all your security issues, thus protecting your sensitive data from malicious attackers. For SSL/TLS certificates issues, we recommend usage of certificate lifecycle management tools, or movement to Cloud PKI services. Setting up a Public Key Infrastructure on a Cloud platform, such as Amazon Web Services, allows you to use AWS SSL certificates, for a better managed and protected infrastructure. Working with your teams, we help design a strategy to encrypt data at every phase, especially data-at-rest and data-in-motion like data sent across an HTTP connection. Our expert team will implement our strategy for encryption in the exact way your company desires, allowing you to customize your requirements as much as you wish.
We also offer our Certificate Lifecycle Management services to customers as well. Encryption Consulting offers a broad range of services in the Certificate Management space, from strategy to implementation and managed services. Encryption consulting can help solve the problems and challenges faced with certificate lifecycle management, by:
Establishing requirements, and designing the architecture
Performing a network discovery scan
Importing existing certificates
Configuring policies and reports
Onboarding a set of pilot applications
Preparing documentation for operations and training
Developing a plan for addressing gaps
Developing a guide for process/operations and offering certified training
With our Certificate Lifecycle Management services, we can help you monitor and protect SSL certificates on-premises as well as in the Cloud. We support Cloud certificate services on a variety of platforms, including AWS, Microsoft Azure, and Google Cloud Platform (GCP).
One last service we offer that can help defend you from SSL stripping attacks are our Public Key Infrastructure assessment, strategy and implementation services. With this service, we will help you assess what requirements your organization should set for it’s PKI to gain the most protection and benefits from it. In our strategy phase, we create a roadmap to help you understand how to reach all of your Public Key Infrastructure requirements at the least cost to you. In the final stage, the implementation phase, we create the Public Key Infrastructure based off of the roadmap made in the previous stage. Our PKIs are created with your requirements in mind, meaning they are in compliance with any standards, like FIPS 140-2 or PCI DSS, that you may need to meet. To go along with our advising services, we also offer PKI-as-a-Service to customers. With our PKI-as-a-Service, we create a hybrid Public Key Infrastructure, with the Root CA located either at our datacenter in Dallas, Texas, or on your own premises. We can also give your organization as much or as little permissions and management tasks as you desire. We can manage the entirety of the Public Key Infrastructure for you, if you desire.
Throughout our guide, we have answered a number of common questions, such as what is SSL and what is an SSL certificate. In answering these questions, we developed a better understanding of how an SSL Handshake occurs, as well as how threat actors manipulate the unsecured TCP Handshake that occurs before the SSL/TLS Handshake, to intercept sensitive data sent across a connection. Along the way, we also learned how SSL stripping attacks occur and the details of how they can steal information from users. Even with an AWS SSL certificate, attackers can still set up Man in the Middle attacks to strip your connection from an HTTPS connection to an HTTP connection. Attackers use redirect links and public Wi-fi hotspots to strip your connection to a legitimate website and steal your information. Luckily, there are a number of different best practices you or your organization can implement to defend against SSL stripping attacks. Virtual private networks are a great method of protecting SSL connections, as they cover an entire network and they keep your data encrypted whether you connect to a website via HTTP or HTTPS. Other, simpler, methods of stopping SSL stripping include utilizing bookmarks on HTTPS connected websites, enabling secure cookies, avoiding public Wi-fi hotspots, never clicking unknown links, and never continuing to a website without an HTTPS connection. Another way to protect your organization that we discussed is hiring Encryption Consulting’s data protection services to help manage your Public Key Infrastructure, certificate lifecycle, and to help find and patch any gaps in your security infrastructure.