Mutual TLS Analysis

About this paper

Mutual TLS in Practice: A Deep Dive into Certificate Configurations and Privacy Issues

Hongying Dong, Yizhe Zhang, Hyeonmin Lee, Kevin Du, Guancheng Tu, and Yixin Sun
University of Virginia

This paper has been published at IMC 2024.

Summary

In this research, we investigated the prevalence and characteristics of mutual TLS connections, including the associated services and patterns of certificate usage. Specifically, by analyzing TLS connection logs collected from a large campus network over 23 months, we identified over 2.2 million unique server certificates and over 3.4 million unique client certificates used in over 1.2 billion mutual TLS connections. Using this data, we examined security concerns, non-standard behaviors in certificate sharing, and the privacy implications of sensitive information found in mutual TLS certificates.

Key findings

  1. Prevalence of mutual TLS: 38.45% of the certificates presented by servers and 94.34% of those employed by clients are used in mutual TLS connections. Overall adoption of mutual TLS authentication nearly doubled over the measurement period, rising from 1.99% to 3.61% of all TLS connections between May 2022 and March 2024.

    Figure: Percentage of TLS connections that employ mutual TLS authentication.

    Figure: Percentage of TLS connections that employs mutual TLS authentication.

    Additionally, while HTTPS is the primary protocol for both mutual and non-mutual TLS connections, mutual TLS has a lower proportion of HTTPS traffic, with various services (e.g., file transfer) using mutual TLS.

  2. Concerning practices in certificate usage:

  • No valid client issuer is present in 37.84% of all observed connections.
  • Certificates with dummy serial numbers are in use, producing almost 40,000 serial-number collisions under the same issuer.
  • Both endpoints present the identical certificate within a single connection; this involves over 5,000 clients.
  • Client certificates that have been expired for over 1,000 days remain in use; 42.27% of these are issued by and used for Apple and Microsoft services.

    Figure: Duration of activity of expired client certificates. ‘Duration of activity’ refers to the interval between the initial observation date and the latest observation date for each certificate or certificate-involved connection.

  3. Information revealed in CN/SAN: A diverse range of information is found in the Common Name (CN) and Subject Alternative Name (SAN) fields of client certificates, much of it sensitive. Notably, more than 60,000 client certificates contain personal names or user accounts, raising privacy concerns.

    Table: Number (and percentage) of information types in the CN and SAN fields of client certificates. Ratios smaller than 0.01% are denoted as 0.00%.
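The four concerning practices listed under key finding 2 and the CN/SAN inspection of key finding 3 are all checks that can be run over a passively collected TLS connection log, which is also how the mutual TLS share of key finding 1 is obtained. The Python below is an added example written for this page; it is not the authors' analysis code and the paper does not describe its log format. It assumes a simplified one-JSON-object-per-line record layout (fields ts, server_cert and client_chain, each certificate carrying fp, subject, issuer, serial, not_after and san) and runs over a constructed seven-connection sample log. It reports the mutual TLS share, client leaf certificates whose issuer is absent from the presented chain (no signature verification is attempted, so this is a weaker test than real path validation), serial numbers shared by distinct certificates under one issuer, connections where both sides present the same certificate, how many days an expired client certificate was still observed in use, and personal names or e-mail addresses in CN/SAN. The name and e-mail matching is a deliberately simple heuristic, not the paper's classifier.

```python
"""Audit a passive TLS connection log for the certificate practices discussed above.
Added example; the record layout and all log lines below are constructed, not real data."""
import json
import re
from collections import defaultdict
from datetime import date

# Constructed sample log. fp = certificate fingerprint; client_chain is leaf first,
# [] when no client certificate was presented (non-mutual TLS).
SAMPLE_LOG = """
{"ts":"2024-03-01","server_cert":{"fp":"S1","subject":"CN=api.example.test","issuer":"CN=Example CA","serial":"0a1b","not_after":"2025-01-01","san":["api.example.test"]},"client_chain":[{"fp":"C1","subject":"CN=device-001","issuer":"CN=Example CA","serial":"1001","not_after":"2025-01-01","san":[]},{"fp":"CA1","subject":"CN=Example CA","issuer":"CN=Example CA","serial":"01","not_after":"2030-01-01","san":[]}]}
{"ts":"2024-03-02","server_cert":{"fp":"S1","subject":"CN=api.example.test","issuer":"CN=Example CA","serial":"0a1b","not_after":"2025-01-01","san":["api.example.test"]},"client_chain":[{"fp":"C2","subject":"CN=device-002","issuer":"CN=Other CA","serial":"1002","not_after":"2025-01-01","san":[]}]}
{"ts":"2024-03-03","server_cert":{"fp":"S2","subject":"CN=files.example.test","issuer":"CN=Example CA","serial":"0a1c","not_after":"2025-01-01","san":[]},"client_chain":[{"fp":"C3","subject":"CN=printer-a","issuer":"CN=Dummy Issuer","serial":"01","not_after":"2025-01-01","san":[]}]}
{"ts":"2024-03-03","server_cert":{"fp":"S2","subject":"CN=files.example.test","issuer":"CN=Example CA","serial":"0a1c","not_after":"2025-01-01","san":[]},"client_chain":[{"fp":"C4","subject":"CN=printer-b","issuer":"CN=Dummy Issuer","serial":"01","not_after":"2025-01-01","san":[]}]}
{"ts":"2024-03-04","server_cert":{"fp":"X1","subject":"CN=shared","issuer":"CN=shared","serial":"02","not_after":"2025-01-01","san":[]},"client_chain":[{"fp":"X1","subject":"CN=shared","issuer":"CN=shared","serial":"02","not_after":"2025-01-01","san":[]}]}
{"ts":"2024-03-01","server_cert":{"fp":"S3","subject":"CN=mail.example.test","issuer":"CN=Example CA","serial":"0a1d","not_after":"2025-01-01","san":[]},"client_chain":[{"fp":"C5","subject":"CN=Jane Doe","issuer":"CN=Example CA","serial":"1005","not_after":"2021-01-01","san":["jane.doe@example.test"]},{"fp":"CA1","subject":"CN=Example CA","issuer":"CN=Example CA","serial":"01","not_after":"2030-01-01","san":[]}]}
{"ts":"2024-03-05","server_cert":{"fp":"S1","subject":"CN=api.example.test","issuer":"CN=Example CA","serial":"0a1b","not_after":"2025-01-01","san":["api.example.test"]},"client_chain":[]}
"""

EMAIL_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")
PERSON_RE = re.compile(r"^[A-Z][a-z]+(?: [A-Z][a-z]+)+$")   # heuristic: "First Last"
CN_RE = re.compile(r"(?:^|,)\s*CN=([^,]+)")


def parse_log(text):
    """One JSON object per non-empty line (assumed record layout, see header)."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def sensitive_fields(cert):
    """Heuristic classification of CN and SAN values; returns the sorted kinds found."""
    kinds = set()
    m = CN_RE.search(cert["subject"])
    values = ([m.group(1)] if m else []) + list(cert.get("san", []))
    for v in values:
        if EMAIL_RE.match(v):
            kinds.add("email")
        elif PERSON_RE.match(v):
            kinds.add("personal name")
    return sorted(kinds)


def audit(records):
    total = mutual = 0
    by_serial = defaultdict(set)          # (issuer, serial) -> distinct fingerprints
    missing_issuer, both_sides, expired, sensitive = set(), set(), {}, {}
    for r in records:
        total += 1
        server, chain = r["server_cert"], r["client_chain"]
        by_serial[(server["issuer"], server["serial"])].add(server["fp"])
        if not chain:
            continue                      # plain TLS, server authentication only
        mutual += 1
        leaf = chain[0]
        for c in chain:
            by_serial[(c["issuer"], c["serial"])].add(c["fp"])
        # Issuer present in the chain by name only; signatures are not verified here.
        self_signed = leaf["subject"] == leaf["issuer"]
        if not self_signed and not any(c["subject"] == leaf["issuer"] for c in chain[1:]):
            missing_issuer.add(leaf["fp"])
        if leaf["fp"] == server["fp"]:    # identical certificate on both endpoints
            both_sides.add(leaf["fp"])
        days = (date.fromisoformat(r["ts"]) - date.fromisoformat(leaf["not_after"])).days
        if days > 0:                      # keep the latest observation past expiry
            expired[leaf["fp"]] = max(days, expired.get(leaf["fp"], 0))
        kinds = sensitive_fields(leaf)
        if kinds:
            sensitive[leaf["fp"]] = kinds
    return {
        "mtls_share": mutual / total if total else 0.0,
        "missing_issuer": sorted(missing_issuer),
        "serial_collisions": {k: sorted(v) for k, v in by_serial.items() if len(v) > 1},
        "same_cert_both_sides": sorted(both_sides),
        "expired_in_use": expired,        # fingerprint -> days past not_after when last seen
        "sensitive_names": sensitive,     # fingerprint -> kinds found in CN/SAN
    }


if __name__ == "__main__":
    for key, value in audit(parse_log(SAMPLE_LOG)).items():
        print(f"{key}: {value}")
```

On the sample log the audit reports a 6/7 mutual TLS share, three client certificates whose issuer never appears in the chain (C2 and the two dummy-serial printer certificates), one serial collision under "CN=Dummy Issuer", the self-signed X1 certificate used on both sides of a connection, C5 still in use 1155 days after expiry, and a personal name plus e-mail address in C5's CN/SAN. Against a real export the serial-collision and expiry checks are exact; the issuer and CN/SAN checks are approximations and should be tuned before drawing conclusions.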