Has anyone looked into or discussed the issue of detecting key reuse? I have combed through Qualys Community forums and other public forums but do not find anyone discussing this topic. This may not be an issue for small organizations but for large organizations managing TLS certificates for hundreds of sites, this has the potential of having far-reaching ramifications, at least I think so. What do I mean by detecting key reuse? Allow me to paint an ugly picture...
Example Company has decided that a wildcard certificate would be well-suited to meet their needs for securing multiple sub-domains. A new private key is created and a related certificate signing request is generated for '*.example.com'. The signing request is given to a trusted certification authority and a signed certificate is returned without any issues.
The web team provides a copy of the private key and signed certificate to the network team to install on a network load balancer. Six months later business is booming and a content delivery provider is contracted to assist with the improving the customer experience with the web site. The network team provides a copy of the private key and signed certificate to the project team responsible for building and managing the content delivery infrastructure.
At some point a copy of the private key and wildcard certificate are provided to the development team to test their application(s). There is a specific use case where they wish to test a specifically named web environment. Using the same private key they generate a new signing request for 'dev.example.net' and have it signed by a different certification authority from the original. Everything works grand and their testing is a success.
A few months after testing is complete the security team discovers that the web environment hosting 'dev.example.net' has been compromised and there is reasonable suspicion the the private key was compromised in the attack.
Believing this was the only version of the private key, the security team requires the private key for dev.example.net be replaced immediately, a new signing request generated, and a new certificate issued from a trusted CA. This is done and the environment is rebuilt, patched and the adversaries kept at bay.
The unwary security team believes they have prevented further compromise of the environment but they could be further from the truth if the private key had indeed been compromised.
I realize there are several operational and standards-based issues in the above example. The focus area in the above horror story is on the reuse of the private key in/by multiple environments/teams - something I think happens all too often in larger organizations.
My interests are on detecting every instance of a public key wherever it may exist in the environment. To be exact, I am focusing on data contained within the public key itself and not attributes about the key. That is, I must ignore everything about the X.509 fields such as issuer, serial number, subject, thumbprint, etc and focus only on information contained within the key - the modulus.
I have performed limited testing using the same private key, generated unique signing requests from the same private key, and had those requests signed by different CAs. I then installed the private key and signed certificate on the respective platform (Linux/Apache and Windows/IIS). In this example the message digest of the modulus is the same in both environments providing me a clue that the same private key was used.
My questions are these.
- Is tracking of the modulus of a public key an accurate method to detect key reuse? I know you can use the modulus to match private key to signing request to signed certificates. I am just taking this a step further.
- Does SSL Labs provide anything via the API about the modulus that would assist with tracking these aspect of an organization's TLS posture? I figured it was faster to ask the question to a) validate the concern and b) ensure I did not overlook something with my own API adventures.
If I need to provide more data on this topic, just indicate as much. I did this in a semi-production environment but can mock it up in non-prod easily enough. The simple test would be something like the following using OpenSSL, two sites using the same keys would show the same digest output.
echo -n \
| openssl s_client -connect host:port \
| sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' \
| openssl x509 -noout -modulus \
| sed 's/^Modulus=//' \
| openssl sha1