NSA warns of wildcard TLS certificates

The US National Security Agency (NSA) this week released a warning urging organizations in the country not to use wildcard TLS certificates, citing a new TLS attack called ALPACA.


The NSA urges all agencies to follow its technical advice as attackers could gain access to and decrypt encrypted web traffic.

The dangers of using wildcard TLS certificates

Although there are many different scenarios that could help attackers decrypt TLS-encrypted traffic, the NSA specifically highlighted the use of wildcard TLS certificates, something many security researchers have warned about for years [1, 2, 3, 4, 5, 6].

Also known as a domain-validated certificate, a wildcard certificate is a TLS digital certificate that companies purchase from certification authorities and that allows the holder to apply it simultaneously to a domain and all of its subdomains (*.example.com).

Over the years, companies have started using wildcard certificates because of the reduced cost but also because they are easier to manage, as administrators can apply the same certificate to all sites instead of having to manage a different one for each subdomain.

However, this ease of use is also their Achilles' heel: once a malicious user compromises a server, they essentially compromise the entire company.

"A malicious user gaining control of a private key from a wildcard certificate will be able to impersonate any of the company's websites and gain access to valid user credentials and protected information," the NSA said Thursday.

The U.S. Department of Homeland Security is now calling on administrators of both public and private networks to re-evaluate the need to use a wildcard certificate on their networks and prepare for the implementation of individual certificates to isolate and mitigate potential breaches.

The new ALPACA attack

In addition, the NSA publication is accompanied by a warning about the new ALPACA attack (from Application Layer Protocol Content Confusion Attack), which was revealed this summer and uses wildcard certificates.

Put simply, this attack allows an attacker to confuse web servers running multiple protocols into responding to encrypted HTTPS requests via unencrypted protocols such as FTP, email (IMAP, POP3) and more.

A successful attack "can extract session cookies and other private user data or run arbitrary on the vulnerable web server, bypassing TLS and web application security," according to the research team that discovered the ALPACA attack.

At the time it was revealed in June, the problem was not taken seriously because an ALPACA attack required attackers to be able to intercept web traffic, which is difficult in some scenarios.

But the research team that discovered the attack said more than 119,000 web servers were vulnerable to ALPACA attacks, a significant number.

Protection

Four months later, the NSA urges all agencies to think seriously about this issue, and to check if their servers are vulnerable, especially if the organizations are dealing with sensitive information or belong to the US government network.

The NSA recommends enabling Application-Layer Protocol Negotiation (ALPN), a TLS extension that prevents web servers from responding to requests through unauthorized protocols (such as FTP, IMAP, or anything else the server owner decides not to allow).
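
As an added illustration (not code from the NSA guidance or from this article), the Python below parses the ALPN protocol list carried in a ClientHello extension (RFC 7301 wire format) and applies a strict per-listener allow-list. The function names, the sample bytes and the choice to also refuse clients that send no ALPN extension are assumptions of this example.

```python
import struct

# Added example; sample ClientHello data below is constructed.
NO_APPLICATION_PROTOCOL = 120  # fatal TLS alert code defined in RFC 7301


def parse_alpn_extension(data: bytes) -> list:
    """Parse ALPN extension_data: 2-byte list length, then 1-byte-length names."""
    if len(data) < 2:
        raise ValueError("truncated ALPN extension")
    (list_len,) = struct.unpack("!H", data[:2])
    body = data[2:]
    if list_len == 0 or list_len != len(body):
        raise ValueError("bad ProtocolNameList length")
    names, i = [], 0
    while i < len(body):
        n = body[i]
        i += 1
        if n == 0 or i + n > len(body):
            raise ValueError("bad protocol name length")
        names.append(body[i:i + n].decode("ascii", "replace"))
        i += n
    return names


def strict_alpn_select(offered, allowed):
    """Return (protocol, None) on a match, else (None, alert) to abort.

    offered is None when the client sent no ALPN extension. Refusing that
    case too is this example's policy choice: a permissive fallback lets an
    HTTPS request reach an FTP or IMAP listener sharing the certificate.
    """
    if offered:
        for proto in allowed:  # server preference order
            if proto in offered:
                return proto, None
    return None, NO_APPLICATION_PROTOCOL


def encode_alpn(names):
    """Build extension_data for the constructed samples."""
    body = b"".join(bytes([len(n)]) + n.encode("ascii") for n in names)
    return struct.pack("!H", len(body)) + body


if __name__ == "__main__":
    offered = parse_alpn_extension(encode_alpn(["h2", "http/1.1"]))
    print("HTTPS listener:", strict_alpn_select(offered, ["h2", "http/1.1"]))
    print("FTP listener:  ", strict_alpn_select(offered, ["ftp"]))
    print("No ALPN sent:  ", strict_alpn_select(None, ["ftp"]))
```

With the constructed browser offer, the HTTPS listener selects `h2`, while the FTP listener aborts the handshake with alert 120 instead of processing the request.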

It should be mentioned that Google has already implemented protections against the ALPACA attack in its Chrome browser.

Written by giorgos
