Abstract
Discussion about M3 Insecure Transport Layer
AI Generated Content Disclaimer
Note: This summary is AI-generated and may contain inaccuracies, errors, or omissions. If you spot any issues, please contact the site owner for corrections. Errors or omissions are unintended.
This presentation covers OWASP Mobile Top 10 Risk M3: Insufficient Transport Layer Protection, providing a thorough walkthrough of transport layer security fundamentals, known SSL/TLS vulnerabilities, and common insecure implementation patterns in mobile applications. Anant Shrivastava explains the OSI model’s transport layer, TLS certificate chains, protocol version weaknesses from SSLv2 through TLS 1.2, and delivers platform-specific prevention guidance for both Android and iOS developers.
Transport Layer Fundamentals: Layer 4 of the OSI model provides end-to-end communication between hosts over TCP and UDP, with endpoints identified by IP:Port pairs. The presentation covers the TCP and UDP header structures to establish a foundational understanding of network communication.
TLS/SSL Overview: Transport Layer Security (formerly SSL) uses X.509 certificate-based asymmetric encryption. The latest version in use at the time was TLS v1.2, with TLS v1.3 in draft since July 2014. Certificates are issued by Certificate Authorities (CAs) and follow a chain of trust to establish website identity.
SSL Version 2 Vulnerabilities: Designed in 1994 by Netscape, SSLv2 uses identical keys for authentication and encryption, has a weak MD5-based MAC construction that is susceptible to length extension attacks, has no handshake protection (so MITM downgrade attacks go undetected), relies on TCP connection close to signal the end of data (which enables truncation attacks), and assumes a single service and a fixed domain per certificate.
SSL 3.0 and Later Attack Surface: SSLv3 has weak key derivation relying on MD5, and is vulnerable to renegotiation attacks, BEAST (CBC ciphers), CRIME and BREACH (compressed connections/SPDY), Lucky13 (timing attacks), RC4 weaknesses, and implementation bugs like Apple SSL goto fail, Heartbleed, and GnuTLS failures.
Common Insecure Mobile Implementations: Using known weak ciphers or protocol versions, communicating via self-signed certificates while ignoring warnings, securing only specific portions of communication, not validating the certificate chain of trust, and mixing TLS and non-TLS content on the same page.
Chain of Trust Issues: Failure to validate that the entire certificate chain matches the official certificate, accepting self-signed certificates outside the root, skipping intermediate certificate checks, and ignoring Basic Constraints or other important extensions.
Detection Approach: Set up a device or emulator with proxy settings for Burp Suite, ZAP, or IronWASP. If traffic interception works and the application still functions normally, the implementation is flawed. Use SSLScan (original or rbsec fork) to identify endpoint-level implementation weaknesses.
Platform-Specific Prevention:
connection:willSendRequestForAuthenticationChallenge:
AllowAllHostnameVerifier and SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER are not present in the codebase.
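The Android check in the last item above, as an added example (not code from the presentation): a scanner that reports live uses of the two identifiers in Java sources and ignores commented-out code. The `.java`-only scope, the function names and the sample file are assumptions made for illustration.

```python
import re
import sys
from pathlib import Path

# Identifiers taken from the page; the constant is matched bare so static imports are caught.
PATTERNS = {
    "AllowAllHostnameVerifier": re.compile(r"\bAllowAllHostnameVerifier\b"),
    "SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER": re.compile(r"\bALLOW_ALL_HOSTNAME_VERIFIER\b"),
}
# String/char literals are matched first so "https://..." is not mistaken for a comment.
_TOKEN = re.compile(r'''"(?:\\.|[^"\\\n])*"|'(?:\\.|[^'\\\n])*'|//[^\n]*|/\*.*?\*/''', re.S)

def blank_comments(src):
    """Replace comment text with spaces, keeping newlines so line numbers survive."""
    def repl(m):
        tok = m.group(0)
        return re.sub(r"[^\n]", " ", tok) if tok.startswith("/") else tok
    return _TOKEN.sub(repl, src)

def scan_source(path, text):
    """Return (path, line_number, identifier) for each use outside comments."""
    hits = []
    for lineno, line in enumerate(blank_comments(text).splitlines(), 1):
        hits += [(path, lineno, name) for name, rx in PATTERNS.items() if rx.search(line)]
    return hits

def scan_tree(root):
    """Scan every .java file under root (assumed project layout)."""
    return [h for f in sorted(Path(root).rglob("*.java"))
            for h in scan_source(str(f), f.read_text(errors="replace"))]

# Constructed sample input, not taken from any real application.
SAMPLE = '''\
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.conn.ssl.AllowAllHostnameVerifier;
class Api {
    // old: sf.setHostnameVerifier(new AllowAllHostnameVerifier());
    String base = "https://api.example.invalid/v1"; // URL in a string, not a comment
    void init(SSLSocketFactory sf) {
        sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
    }
}
'''

if __name__ == "__main__":
    found = scan_tree(sys.argv[1]) if len(sys.argv) > 1 else scan_source("Api.java", SAMPLE)
    for path, lineno, name in found:
        print(f"{path}:{lineno}: {name}")
    sys.exit(1 if found else 0)  # non-zero exit lets a CI job fail the build
```

Run with a source directory as the only argument to use it as a build gate; with no argument it scans the embedded sample.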