The National Security Agency has issued a technical advisory warning against the use of wildcard TLS certificates and about the new ALPACA TLS attack.
The NSA recommends the following measures to protect servers from scenarios where an attacker can gain access and decrypt encrypted web traffic:
- Understand the scope of each wildcard certificate used in your organization
- Use an application gateway or web application firewall in front of servers, including non-HTTP servers
- Use encrypted DNS, and verify DNS security extensions to prevent DNS redirection
- Verify ALPN (Application-Layer Protocol Negotiation) whenever possible. ALPN is an extension to TLS that allows servers and applications to specify allowed protocols.
- Keep your web browser up to date with the latest updates
Dangers of using wildcard TLS certificates
While there are many situations and attacks that allow attackers to decrypt TLS encrypted traffic, the NSA places a particularly strong emphasis on the use of wildcard TLS certificates.
This is something that several security researchers have been warning about for years. A wildcard certificate is a digital TLS certificate that a company obtains from a certification authority and that the owner can apply to one domain and all its subdomains at the same time (*.example.com).
Wildcard certificates have been used by companies for many years because they reduce costs and are easier to manage, as administrators do not need to manage different certificates for each subdomain and can apply the same certificate to all servers.
However, once a threat actor compromises a server, virtually the entire enterprise is compromised.
A malicious attacker who obtains the private key associated with a wildcard certificate can impersonate the site listed in that certificate and gain access to valid user credentials and protected information.
The NSA is now recommending that administrators of public and private networks evaluate the need to use wildcard certificates within their networks and be prepared to deploy individual certificates to isolate and limit possible dangers.
A New ALPACA Attack
In addition, the NSA advisory includes a warning about a new application layer protocol content confusion attack (ALPACA) that is exploited through the use of wildcard certificates.
This attack confuses web servers that run multiple protocols into responding to encrypted HTTPS requests with unencrypted protocols such as FTP and email (IMAP, POP3).
According to the research team that discovered the ALPACA technique, if the attack is successful,
Because it is quite difficult for an attacker to intercept web traffic in order to carry out an ALPACA attack, the problem was not taken seriously when it was published in June. However, the research team that discovered the attack announced that more than 119,000 web servers are vulnerable to the ALPACA attack, which is a significant number.
Four months later, the NSA is calling on organizations, especially those that handle sensitive information or are part of the US government network, to take this issue seriously, to identify if their servers are vulnerable, and to mitigate the risks.
The NSA recommends a number of defenses, among which is to enable Application-Layer Protocol Negotiation (ALPN).
ALPN is a TLS extension that prevents servers from responding to requests with protocols that are not allowed (FTP, IMAP, and other protocols that the server owner has decided not to allow).
Google is also implementing ALPACA protection in its Chrome web browser in early 2021.
The NSA recommends that NSS, DoD, and DIB administrators ensure that the use of wildcard certificates does not create undue risk that would make web servers vulnerable to ALPACA techniques.
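
As an added example (not part of the NSA advisory or of this article), the Python below works through the first recommendation, understanding the scope of a wildcard certificate, and flags non-HTTPS services that share that certificate with an HTTPS host, which is the situation the ALPACA warning concerns. The hostnames, the inventory format and the function names are hypothetical; matching assumes the usual rule that `*` stands for exactly one left-most label.

```python
# Added example: SAN values and the inventory below are constructed for illustration.

def wildcard_covers(pattern: str, hostname: str) -> bool:
    """Return True if a certificate name (possibly '*.domain') covers hostname."""
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = hostname.lower().rstrip(".").split(".")
    if len(p_labels) != len(h_labels):
        return False  # '*.example.com' covers neither 'example.com' nor 'a.b.example.com'
    if p_labels[0] == "*":
        return p_labels[1:] == h_labels[1:]
    return p_labels == h_labels


def audit(cert_sans, inventory):
    """Return (scope, exposed).

    scope:   covered hostname -> set of TLS protocols it serves
    exposed: sorted (host, protocol) pairs for covered non-HTTPS services when the
             same certificate also covers at least one HTTPS host.
    """
    scope = {
        host: set(protocols)
        for host, protocols in inventory.items()
        if any(wildcard_covers(san, host) for san in cert_sans)
    }
    has_https = any("https" in protos for protos in scope.values())
    exposed = sorted(
        (host, proto)
        for host, protos in scope.items()
        for proto in protos
        if has_https and proto != "https"
    )
    return scope, exposed


# Constructed sample data (hypothetical hosts).
CERT_SANS = ["*.example.com", "example.com"]
INVENTORY = {
    "www.example.com": ["https"],
    "mail.example.com": ["imaps", "pop3s"],
    "ftp.example.com": ["ftps"],
    "dev.api.example.com": ["https"],  # two labels deep: outside the wildcard
    "example.org": ["https"],
}

if __name__ == "__main__":
    scope, exposed = audit(CERT_SANS, INVENTORY)
    print("Covered hosts:", sorted(scope))
    for host, proto in exposed:
        print(f"review: {proto} on {host} shares a certificate with an HTTPS host")
```

Each flagged pair is a candidate for an individual certificate, as the advisory recommends, so that the mail or FTP service no longer presents a certificate a browser would accept for the web host.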