JavaRanch » Java Forums » Engineering » Security
Nokia admits to implementing a Man-In-The-Middle flaw in HTTPS

Pat Farrell
Rancher

Joined: Aug 11, 2007
Posts: 4655

"Nokia has admitted that it routinely decrypts user's HTTPS traffic, but says it is only doing it so it can compress it to improve speed. That doesn't convince security researcher Gaurang Pandya, who accuses the company of spying on customers."


From the article, Nokia says: "'Importantly, the proxy servers do not store the content of web pages visited by our users or any information they enter into them. When temporary decryption of HTTPS connections is required on our proxy servers, to transform and deliver users' content, it is done in a secure manner. ... Nokia has implemented appropriate organisational and technical measures to prevent access to private information. Claims that we would access complete unencrypted information are inaccurate.'"

http://yro.slashdot.org/story/13/01/10/1356228/nokia-admits-decrypting-user-data-claiming-it-isnt-looking


So the question is: do you trust Nokia?
And the follow up is who else is putting a MITM in your HTTPS session?

I don't know enough about Nokia to make a judgement on their trustworthiness, but this is not a one-time question. Perhaps today, they don't use the data, and don't spy on customers. But who knows what a rogue employee will do at some later date.
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 41816
Opera's mobile browsers perform various transformations on web pages between their servers and the mobile browser, as does Amazon's Kindle - who knows how big the leap would be from what they're doing now to something like this, if it is a leap at all.


Ping & DNS - my free Android networking tools app
Pat Farrell
Rancher

Joined: Aug 11, 2007
Posts: 4655

I'm pretty sure that once you start transforming the HTML pages, you have already done the MITM work. Otherwise, you would not be able to see what the HTML is doing so you can transform it. But I've never seen any detailed technical descriptions of what, exactly, they do.
Richard Tookey
Ranch Hand

Joined: Aug 27, 2012
Posts: 1053

Based on everything I have read over the years about RSA, SSL/TLS and HTTPS I'm pretty sure that as algorithms they are secure, but it has long been recognized that any pure software implementation of any encryption algorithm cannot be secure. In the case of RSA, assuming a sensible key size, once data has been encrypted using the public key it is pretty much impossible to decrypt it without having the private key. Nokia cannot have access to all the world's RSA private keys, so any true SSL/TLS man-in-the-middle attack has to be done using the symmetric key negotiated between the client and the server. One assumes that Nokia wrote their own SSL/TLS software, so it would be trivial for them to get access to the negotiated key! The problem I have with the reports I have read is understanding how Nokia can use a proxy for Man-In-The-Middle. As far as I can see this would require either that the proxy has access to the negotiated key or that communication between the client and the proxy is not using the server's public key but the public key of the proxy.

If Nokia have total control of the software running on their phones then this security hole will always be possible. I can't see that in the short term very small tamper proof HSMs are going to be fitted to phones but even if they are the portion of the channel between the user and the HSM is unencrypted! When one is dealing with a server one has to trust the server and for the most part one does (whether or not one should is a different matter) but one must also be able to trust all elements of the communication channel between the client and the server and if one can't then there cannot be any security.

I use an old Nokia phone but I use it to make phone calls and not for financial or other sensitive transactions.

Pat Farrell
Rancher

Joined: Aug 11, 2007
Posts: 4655

Richard Tookey wrote: Nokia cannot have access to all the worlds RSA private keys so any true SSL/TLS man-in-the-middle attack has to be done using the symmetric key negotiated between the client and the server. ... The problem I have with the reports I have read is understanding how Nokia can use a proxy for Man-In-The-Middle.

If Nokia have total control of the software running on their phones then this security hole will always be possible. ... When one is dealing with a server one has to trust the server and for the most part one does (whether or not one should is a different matter) but one must also be able to trust all elements of the communication channel between the client and the server and if one can't then there cannot be any security.


You are not understanding the problem. All Nokia has to do is a very small hack so that when you think you are going to https://amazon.com it sends you instead to https://amazongproxy.nokia.com. It can do this without changing the URL in the tool bar. Then the proxy can decrypt the connection from the phone to itself, and start a secondary connection to the real https://amazon.com

All communication from your smartphone to the hidden proxy is normal SSL. All communication from the proxy server to amazon's SSL server is normal. But everything going to it, or from it, goes through the proxy in the clear.

You are right, the system is built on trust, trust that you are really going to https://amazon.com without a man in the middle. That is what you are trusting, but Nokia is directly and deliberately violating that trust. They are hiding the interaction with their own proxy.
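The hidden-proxy scheme Pat describes passes the phone's ordinary certificate check only because the proxy's certificate chains to a root the phone already trusts. Public-key pinning turns Richard's observation (nobody else holds the real server's private key) into a client-side test: the proxy can present a certificate for the right host name, but not the right public key. The following is an added Python example, not code from this thread or from Nokia; the certificates, key bytes, CA names and the "Phone Vendor Proxy CA" root are all constructed stand-ins, and a real implementation would hash the DER-encoded SubjectPublicKeyInfo of the actual certificate.

```python
"""Added example: SPKI pinning that catches a TLS-terminating proxy whose
certificate chains to a device-trusted root.  Every certificate, key and CA
name below is constructed for illustration."""
from __future__ import annotations

import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class Cert:
    subject: str   # host or CA name the certificate is issued to (constructed)
    issuer: str    # name of the CA that signed it (constructed)
    spki: bytes    # stands in for the DER SubjectPublicKeyInfo (constructed)


def spki_pin(cert: Cert) -> str:
    """Pin = SHA-256 over the public-key info, the form HPKP and OkHttp use."""
    return "sha256/" + hashlib.sha256(cert.spki).hexdigest()


def path_valid(hostname: str, chain: list[Cert], trust_store: set[str]) -> bool:
    """Ordinary validation: leaf name matches, each certificate is issued by the
    next one in the chain, and the last issuer is a root in the device store."""
    if not chain or chain[0].subject != hostname:
        return False
    for child, parent in zip(chain, chain[1:]):
        if child.issuer != parent.subject:
            return False
    return chain[-1].issuer in trust_store


def verify(hostname: str, chain: list[Cert], trust_store: set[str],
           pins: set[str]) -> str:
    """Returns 'ok', 'untrusted-chain' or 'pin-mismatch'.  The pin check runs
    after path validation, so a chain the device trusts is still rejected when
    the leaf key is not the one the application expects."""
    if not path_valid(hostname, chain, trust_store):
        return "untrusted-chain"
    if spki_pin(chain[0]) not in pins:
        return "pin-mismatch"
    return "ok"


# --- constructed scenario -------------------------------------------------
# The device trust store holds a public root and a vendor-installed root
# (hypothetical name) that a vendor-run proxy can issue certificates from.
TRUST_STORE = {"Example Root CA", "Phone Vendor Proxy CA"}

REAL_SERVER_KEY = b"constructed-public-key-held-only-by-the-real-server"
GENUINE_CHAIN = [
    Cert("amazon.com", "Example Issuing CA", REAL_SERVER_KEY),
    Cert("Example Issuing CA", "Example Root CA", b"constructed-intermediate-key"),
]
# The proxy presents a certificate for the same host name, signed by the
# vendor root, but it can only carry a key the proxy itself holds.
PROXIED_CHAIN = [
    Cert("amazon.com", "Phone Vendor Proxy CA", b"constructed-key-held-by-proxy"),
]

# Pins are computed from the genuine server key and shipped with the app.
PINS = {spki_pin(GENUINE_CHAIN[0])}


if __name__ == "__main__":
    for label, chain in (("genuine", GENUINE_CHAIN), ("proxied", PROXIED_CHAIN)):
        print(f"{label:8s} path_valid={path_valid('amazon.com', chain, TRUST_STORE)} "
              f"verify={verify('amazon.com', chain, TRUST_STORE, PINS)}")
```

The proxied chain passes `path_valid` exactly as Pat describes, which is why the URL bar shows no warning; only the pin comparison rejects it. The cost is operational: the pin set has to be rotated whenever the server key changes, and it must reach the client through a channel the platform vendor does not control (an app update rather than the phone's trust store), since a vendor that controls the device software could otherwise edit the pins as easily as the root list.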
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Nokia admits to implementing a Man-In-The-Middle flaw in HTTPS