SignatureCheck.org

Secure SSL/TLS Certificate Thumbprint Retrieval Service

What does this service do?
How does it work?
Privacy


What does this service do?

This site provides a service to remotely retrieve a certificate from a web server, read the thumbprint information from it, and deliver that information back to the user in a secured format.

This allows users to detect when their browser has been sent a certificate different from the one the website is sending. When this difference occurs, it indicates that a user is experiencing a man-in-the-middle attack. That is, the traffic to the web server is being intercepted and read by a device between the user and the web server.

The purpose of sites using TLS/SSL is to prevent these types of attacks. Traffic encrypted by a certificate's public key can only be decrypted by the private key held by the web site. However, an attacker can replace the certificate being sent to the user with one that the attacker has the private key for.

The X.509 public key infrastructure was designed to warn users against this type of attack. In theory, certificate authorities would only agree to give a signed certificate for example.org to the owner of example.org. Any other certificates for example.org would cause a warning to pop up in the browser. However, certificate authorities have to answer to government authorities that may want to eavesdrop on traffic. Therefore, a certificate authority may be required to grant a signing certificate to its government. The government will then use it to generate valid certificates for all of the sites that it wants to decrypt traffic for.

The public key infrastructure has no protection against this. Any certificate authority trusted by a browser can sign a certificate for any website, and that certificate will be accepted by the browser. This allows organizations to conduct man-in-the-middle attacks on users without them knowing. Service providers have been caught doing this [1] [2] and there is no way to stop them from doing it again. The SignatureCheck.org service can detect these types of attacks and alert users when they occur so they don't transmit sensitive information over the network.


How does it work?

When a user visits a website, a browser extension sends the IP address of the website to SignatureCheck.org. SignatureCheck.org then replies with the thumbprints of the certificate it received when connecting to the same IP address. The browser extension then checks these thumbprints against the thumbprints of the certificate the browser received. If they don't match, the browser's traffic is likely being intercepted and the extension displays a warning.

Since the browser's traffic is already being hijacked, the communication with SignatureCheck.org must be protected from modification. Otherwise, the attacker could inject false fingerprints into the message to circumvent the protection. The protocol is cryptographically protected from tampering. To understand how this works, the protocol details need to be examined:

  1. The browser connects to a site using the HTTPS protocol and receives a certificate.
  2. The SignatureCheck browser extension then sends the site address to SignatureCheck.org along with a random string.
  3. SignatureCheck.org then connects to the address and retrieves the certificate.
  4. The MD5 and SHA1 thumbprints of the retrieved certificate are calculated.
  5. A random string is also generated by the server.
  6. A hash value is then calculated over the thumbprints, the site address, the server's random variable, and the client's random variable.
  7. The hash value is then encrypted using a private key on the server.
  8. The encrypted hash value, the random strings, the site address, and the thumbprints are all returned to the browser extension.
  9. The browser extension calculates the hash value of the received data minus the encrypted hash value.
  10. The browser extension then uses an embedded public key to decrypt the received hash value.
  11. The locally calculated hash and decrypted hash are compared. If they don't match, the traffic was tampered with and the extension gives an error and stops.
  12. The received client random variable and site are compared with the ones that were sent. If they don't match, the response was for a different request so the extension gives an error and stops.
  13. Finally, the thumbprints are checked against the ones originally received by the browser from the site. If they don't match, the traffic to that site is being intercepted and the plugin displays a warning.
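
Steps 3 to 13 above, sketched as an added Node.js example that is not SignatureCheck.org's own code. It assumes SHA-256 for the response hash, RSA PKCS#1 v1.5 for the private-key operation, and a length-prefixed field encoding; none of these choices is stated on this page, and all function names are hypothetical.

```javascript
const crypto = require('crypto');

// Assumption: a fresh RSA pair; the public half stands in for the key embedded in the extension.
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });

// Step 4: MD5 and SHA1 thumbprints over the certificate bytes.
const thumbprints = (der) => ({
  md5: crypto.createHash('md5').update(der).digest('hex'),
  sha1: crypto.createHash('sha1').update(der).digest('hex'),
});

// Length-prefix every field so bytes cannot be shifted between adjacent fields.
const canonical = (r) => Buffer.concat(
  [r.md5, r.sha1, r.site, r.serverNonce, r.clientNonce].map((f) => {
    const b = Buffer.from(String(f), 'utf8');
    const len = Buffer.alloc(4);
    len.writeUInt32BE(b.length);
    return Buffer.concat([len, b]);
  }));

// Steps 3-8 (server): certDer is the certificate the server retrieved from the site.
function serverRespond(site, clientNonce, certDer) {
  const r = { ...thumbprints(certDer), site, clientNonce,
    serverNonce: crypto.randomBytes(16).toString('hex') };
  // crypto.sign hashes the fields, then applies the private key (steps 6 and 7).
  r.signature = crypto.sign('sha256', canonical(r), privateKey).toString('base64');
  return r;
}

// Steps 9-13 (extension): returns 'ok', 'tampered', 'mismatched-request' or 'intercepted'.
function clientCheck(resp, sent, browserCertDer) {
  const sig = Buffer.from(resp.signature, 'base64');
  if (!crypto.verify('sha256', canonical(resp), publicKey, sig)) return 'tampered';
  if (resp.clientNonce !== sent.clientNonce || resp.site !== sent.site)
    return 'mismatched-request';
  const seen = thumbprints(browserCertDer);
  return seen.md5 === resp.md5 && seen.sha1 === resp.sha1 ? 'ok' : 'intercepted';
}

// Constructed sample: byte strings stand in for DER certificates; 192.0.2.10 is a documentation address.
function demo() {
  const real = Buffer.from('constructed cert: real site');
  const fake = Buffer.from('constructed cert: interceptor');
  const sent = { site: '192.0.2.10', clientNonce: crypto.randomBytes(16).toString('hex') };
  const resp = serverRespond(sent.site, sent.clientNonce, real);
  const forged = { ...resp, ...thumbprints(fake) }; // thumbprints rewritten in transit
  return [clientCheck(resp, sent, real), clientCheck(resp, sent, fake), clientCheck(forged, sent, fake)];
}
console.log(demo());
```

The third result shows why the response is signed: thumbprints rewritten in transit to match the interceptor's certificate fail the check in step 11 before the comparison in step 13 is reached.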

The protocol also uses temporary keys and includes more info, but the overall operation is the same as stated above. For more details, visit the protocol page.

To get the plugins, visit the plugins page.


Privacy

The plugins do not collect anything on a user's web page.
Also, the URL information is always stripped before it is sent to SignatureCheck.org.
(e.g. https://mail.google.com/mail/u/0/#inbox becomes 74.125.224.22)
Therefore, the only information being sent to SignatureCheck.org is information that is already being transmitted in plaintext over the Internet.

Once a request is made to the site, none of the information regarding which IP address requested certificate information for a given site is recorded.
The only things cached are site certificates to speed up duplicate site requests.

No information about clients is ever recorded. The purpose of this site is strictly to increase privacy.