Please use this identifier to cite or link to this item: http://arks.princeton.edu/ark:/88435/dsp019p290c66r
Full metadata record
| DC Field | Value | Language |
| --- | --- | --- |
| dc.contributor.advisor | Kernighan, Brian | - |
| dc.contributor.author | Stedman, Collin | - |
| dc.date.accessioned | 2015-06-26T18:14:50Z | - |
| dc.date.available | 2015-06-26T18:14:50Z | - |
| dc.date.created | 2015-04-30 | - |
| dc.date.issued | 2015-06-26 | - |
| dc.identifier.uri | http://arks.princeton.edu/ark:/88435/dsp019p290c66r | - |
| dc.description.abstract | This work addresses the viability of man in the middle (MITM) attacks, and stripping attacks in particular, on the web today. First, to present the severity of the threat, a modified version of Moxie Marlinspike's sslstrip attack is demonstrated to have the capability to compromise web applications with arbitrary authentication schemes in an automated fashion. Several methods for mitigating the attacks are then discussed in turn. HSTS, the incumbent technology, is found to have numerous deficiencies, the most important of which is its failure to guarantee protection against stripping attacks at all. A new variation on HSTS, called Distributed HSTS, provides the desired security guarantee for all connections involving a valid TLS certificate. Lastly, another distributed solution called NOSTRIP has the best theoretical properties of the three, ensuring security for all connections between hosts without the need for TLS certificates. Though these methods may be effective defenses to stripping attacks, additional MITM vulnerabilities are shown to exist due to the behavior of browsers. Thus, it is concluded that the web is still far from being safe from MITM attacks, and continued research on the topic is called for. | en_US |
| dc.format.extent | 52 pages | en_US |
| dc.language.iso | en_US | en_US |
| dc.title | Our Man in the Middle: An Investigation of TLS Stripping Attacks and Defenses on the Web | en_US |
| dc.type | Princeton University Senior Theses | - |
| pu.date.classyear | 2015 | en_US |
| pu.department | Computer Science | en_US |
| pu.pdf.coverpage | SeniorThesisCoverPage | - |
Appears in Collections: Computer Science, 1988-2020

Files in This Item:
| File | Size | Format |
| --- | --- | --- |
| PUTheses2015-Stedman_Collin.pdf | 4.44 MB | Adobe PDF |


Items in Dataspace are protected by copyright, with all rights reserved, unless otherwise indicated.