Pretty-Bad-Proxy: An Overlooked Adversary in Browsers' HTTPS Deployments

Shuo Chen, Ziqing Mao, Yi-Min Wang, Ming Zhang
2009 30th IEEE Symposium on Security and Privacy. Published 2009-05-17. DOI: 10.1109/SP.2009.12 (https://doi.org/10.1109/SP.2009.12)
Citations: 26

Abstract

HTTPS is designed to provide secure web communications over insecure networks. The protocol itself has been rigorously designed and evaluated by assuming the network as an adversary. This paper is motivated by our curiosity about whether such an adversary has been carefully examined when HTTPS is integrated into the browser/web systems. We focus on a specific adversary named “Pretty-Bad-Proxy” (PBP). PBP is a malicious proxy targeting browsers’ rendering modules above the HTTP/HTTPS layer. It attempts to break the end-to-end security guarantees of HTTPS without breaking any cryptographic scheme. We discovered a set of vulnerabilities exploitable by a PBP: in many realistic network environments where attackers can sniff the browser traffic, they can steal sensitive data from an HTTPS server, fake an HTTPS page and impersonate an authenticated user to access an HTTPS server. These vulnerabilities reflect the neglects in the design of modern browsers – they affect multiple major browsers and a large number of websites. We believe that the PBP adversary has not been rigorously examined in the browser/web industry. The vendors of the affected browsers have all confirmed the vulnerabilities reported in this paper. Most of them have patched or planned on patching their browsers. We believe the attack scenarios described in this paper may only be a subset of the vulnerabilities under PBP. Thus further (and more rigorous) evaluations of the HTTPS deployments in browsers appear to be necessary.