What is a Trust Store?
A trust store is a collection of root certificates that are trusted by default and are maintained by the companies that make operating systems and web browsers, such as Apple, Microsoft, Mozilla, and Google. Each vendor has its own standards and requirements for root certificates but they all require an issuing CA to undergo one or more audits proving their trustworthiness, validity and conformance with the CA/B Forum Baseline Requirements before their root certificate is included.
As Mozilla’s Root Store Policy states: “The included certificates have their "trust bits" set for various purposes, so that the software in question can use the CA certificates to anchor a chain of trust for certificates used by SSL servers and S/MIME email users without having to ask users for further permission or information.”
Properly maintaining a trust store is a significant undertaking, since it requires constant effort to evaluate new trust anchors, monitor existing ones, and react to incidents that threaten users. Maintaining a trust store is vital to the security of products, services and the web in general.
The purpose of trust stores is to improve internet security by raising the quality and transparency of CA and subordinate CA data, and to make the internet safer by enforcing regular and contiguous audits that provide assurance that root and subordinate CAs do not issue fraudulent certificates. As such, trust stores help ensure individuals’ security and privacy on the internet and promote accountability and trust. The strict requirements that CAs must adhere to, the audits, and the public scrutiny are all required to ensure that CAs maintain enough social trust to merit the technical trust that comes with having a trusted root.
What Can Go Wrong?
Although CAs are designated as trusted third parties, security researchers argue that in fact they are “corruptible central points of failure”, capable of compromising the integrity and security of the entire Internet. The security of online communications can be undermined by the complexity of managing keys and certificates, which is further complicated by the risk of coercion or compromise of a CA. Because of these dangers, users cannot be certain that their communications are not being compromised by a fraudulent certificate that allows a MITM (Man-in-the-Middle) attack.
Browsers rely on the list of certificate authorities included in a trust store as trusted third parties to verify and issue the certificates that allow for secure browsing, using technologies like TLS and HTTPS. “Certificate Authorities are the basis of HTTPS, but they are also its greatest weakness,” says Cooper Quintin of the EFF. “Any of the dozens of certificate authorities trusted by your browser could secretly issue a fraudulent certificate for any website (such as google.com or eff.org). A certificate authority (or other organization, such as a government spy agency) could then use the fraudulent certificate to spy on your communications with that site, even if it is encrypted with HTTPS. Certificate Transparency can mitigate some of the risk by requiring public logging of all issued certificates, but is not a panacea.”
Fraudulent certificates are not the only threat related to trust stores. As noted by Malwarebytes, an attacker who steals the private key that belongs to a root certificate can generate certificates for their own malevolent purposes. If this root certificate already resides within a trust store, these bad actors can then issue their own certificates, sign them with the private key, and thereby stage man-in-the-middle (MitM) attacks or install malware onto web browser users’ machines. To make things worse, security researchers at the University of Maryland found that simply copying an Authenticode signature from a legitimate file to a known malware sample can cause antivirus products to stop detecting it, even though the result is an invalid signature.
There are several ways that cyber criminals can abuse certificates:
- Abuse existing certificates to appear legitimate, which is especially damaging if the threat actors hold the private key.
- Move legitimate certificates into the Untrusted Certificates store, so that legitimate programs can no longer run or certain websites are no longer accessible.
- Create or buy bogus certificates for code signing.
Given the above, it is reasonable to start questioning which certificates you should introduce into your corporate network.
Managing Your Own Trust Store
What can organizations do to manage security threats resulting from trust stores? “It's a bit like Medieval times where the only people that are going to protect your kingdom from attackers is you. There's no army that's going to show up. It's just you.” says Kevin Bocek, vice president of security and threat intelligence for Venafi. “You shouldn't be trusting those that have nothing to do with your business operations,” he adds. That means it is the security leaders’ responsibility to understand and determine which entities they should trust.
They can begin by recognizing that trust stores come with hundreds of root certificates that aren’t necessary, wrote David Bisson in another blog for Venafi. A Leibniz University Hannover study found that only two-thirds of the trusted root certificates included in the default trust stores for Windows, Linux, macOS, Firefox, iOS and Android were active in signing HTTPS certificates. That leaves the remaining third of trusted root certificates potentially vulnerable to abuses.
In response, organizations should consider rejecting these default trust stores. They should create a customized, corporate-level trust store using certificate whitelisting so as to determine which certificates are included in the collection. This practice helps organizations reduce their attack surface by limiting the number of trusted CAs and flagging untrusted SSL/TLS sessions. Organizations can then update these certificate whitelists and blacklists on an ongoing basis to reflect their evolving business requirements and the expanding CA landscape.
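As an added illustration (not code from this post or from Venafi), the following Go program shows the effect of the customized, allowlisted trust store described above: it takes a set of roots standing in for a vendor default bundle, keeps only those whose SHA-256 fingerprint is on the corporate allowlist, and then verifies server certificates against that reduced store. The root names, hostnames and keys are constructed demo data generated at run time.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// MkCert builds a constructed demo cert (not a real CA): a self-signed root if parent is nil, else a server cert for cn.
func MkCert(cn string, parent *x509.Certificate, parentKey ed25519.PrivateKey) (*x509.Certificate, ed25519.PrivateKey) {
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
	}
	if parent != nil { // TLS server certificate for host cn, signed by parent
		tmpl.DNSNames = []string{cn}
	} else { // self-signed root: sign with its own key
		tmpl.IsCA, tmpl.BasicConstraintsValid, tmpl.KeyUsage = true, true, x509.KeyUsageCertSign
		parent, parentKey = tmpl, key
	}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, parentKey) // inputs are fixed demo data
	cert, _ := x509.ParseCertificate(der)
	return cert, key
}

// Fingerprint is the SHA-256 of the DER encoding, the usual key for a CA allowlist.
func Fingerprint(c *x509.Certificate) string { return fmt.Sprintf("%x", sha256.Sum256(c.Raw)) }

// BuildTrustStore keeps only the vendor-default roots whose fingerprint is allowlisted; all others are dropped.
func BuildTrustStore(defaults []*x509.Certificate, allow map[string]bool) *x509.CertPool {
	pool := x509.NewCertPool()
	for _, c := range defaults {
		if allow[Fingerprint(c)] {
			pool.AddCert(c)
		}
	}
	return pool
}

// TrustedBy reports whether leaf chains to a root in pool for host.
func TrustedBy(leaf *x509.Certificate, pool *x509.CertPool, host string) bool {
	_, err := leaf.Verify(x509.VerifyOptions{Roots: pool, DNSName: host})
	return err == nil
}
```

A certificate issued by a root that was present in the default bundle but left off the allowlist fails verification against the corporate store, which is exactly the attack surface reduction the text describes.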
“If you don't take an active role in whitelisting and blacklisting the CAs in your trust stores—everywhere from the desktop to application servers to the cloud—you may end up incidentally trusting hundreds of CAs that you have no relationship with to enable others, including hackers, to be trusted. What you're essentially doing is letting somebody who knows nothing about your business determine who you will trust,” says Kevin Bocek.
What makes this challenge even more severe is that the machine identities at risk are a prime target for cyber criminals. A recent Venafi report shows that on the dark web, machine identities are economically more valuable than human identities. Security executives need to begin to think about what establishes control, particularly when it comes to mitigating risk in trust stores. Therefore, organizations should take steps to secure their own certificates and keys against digital attackers. They can do this by using a solution that monitors these machine identities for signs of abuse. This platform should also automate the certificate renewal process to minimize the possibility of human error.