Detecting and Defending Against Certificate Attacks with Origin-Bound CAPTCHAs

  • Adil Ahmad
  • Faizan Ahmad
  • Lei Wei
  • Vinod Yegneswaran
  • Fareed Zaffar
Conference paper
Part of the Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering book series (LNICST, volume 255)


Published reports have highlighted various attacks on secure Public Key Infrastructure (PKI)-based SSL/TLS protocols. A well-known example of such an attack, one that exploits a flaw in the Certificate Authority (CA) model of the PKI, is the compelled Man-in-the-Middle (MITM) attack, in which governments or affiliated agencies compel a CA to issue false but verifiable certificates for popular websites. These certificates are then used to hijack secure communication for censorship and surveillance purposes. Such attacks significantly undermine the confidentiality guarantees provided by SSL and the privacy of Internet users at large.

To address this issue, we present Origin-Bound CAPTCHAs (OBCs), which are dual CAPTCHA tests that elevate the difficulty of launching such attacks and make their deployment infeasible, especially in cases of mass surveillance. An OBC is linked to the public key of the server, and by solving the OBC, the client can use the certificate to authenticate the server and verify the confidentiality of the link. Our design is distinguished from prior efforts in that it does not require bootstrapping but does require minor changes at the server side. We discuss the security provided by an OBC from the perspective of an adversary who employs a human work force and present the findings from a controlled user study that evaluates tradeoffs in OBC design choices. We also evaluate a software prototype of this concept that demonstrates how OBCs can be implemented and deployed efficiently with 1.2-3x overhead when compared to a traditional TLS/SSL implementation.


Keywords: Compelled-certificate attacks; Man-in-the-middle attacks; CAPTCHAs



We would like to thank all the anonymous reviewers of the program committee for their valuable insights on the paper. This work was partially funded by the National Science Foundation (NSF) under Grant No. CNS-1514503. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of NSF.



Copyright information

© ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering 2018

Authors and Affiliations

  • Adil Ahmad (1)
  • Faizan Ahmad (2)
  • Lei Wei (3)
  • Vinod Yegneswaran (4)
  • Fareed Zaffar (2)

  1. Purdue University, West Lafayette, USA
  2. Lahore University of Management Sciences (LUMS), Lahore, Pakistan
  3. Apple Inc., Cupertino, USA
  4. SRI International, Menlo Park, USA
