
I need some help in creating a secure connection using TLS.

I have downloadable software that connects to our server using a TLS connection. We want to ensure that the data sent by the client to the server is secure and cannot be seen or manipulated by the user of our software.

I have bundled our CA certificate with the software so that it can verify the host and detect man-in-the-middle attacks. The CA certificate is a self-signed certificate generated by openssl.

+-----------------------+                      +----------------+
|                       |                      |                |
|  Client Software      |    TLS connection    |                |
|  + Our CA certificate +--------------------->+  Server        |
|                       |                      |                |
+-----------------------+                      +----------------+

However, what happens if a user who downloaded the software spoofs DNS or uses ARP poisoning, replaces the CA certificate with a fake one and creates a man-in-the-middle situation to manipulate/view the traffic? In this case, the CA validation will pass and the client software will not be able to detect any abnormal behaviour.

+-----------------+           +------------------+          +-----------------+
|   Client        |           |  MITM            |          |  Server         |
|   Fake CA cert  |    TLS    |  our CA cert     |    TLS   |                 |
|                 +---------->+                  +--------->+                 |
|                 |           |                  |          |                 |
+-----------------+           +------------------+          +-----------------+

So possibly using a CA certificate is not of much help here.

Any suggestions on how to ensure that the client software makes a secure connection with the server which cannot be compromised by a situation like the one described above?

Rahul
  • This is not a man in the middle **attack**. This is a client willing to allow a man in the middle to inspect the traffic by installing the CA certificate. It looks more like you want to prevent a client from reverse engineering your application on his own system or manipulating the traffic. TLS is not the way to prevent this. – Steffen Ullrich Jul 13 '19 at 06:36
  • @Rahul [Edit] your question to explain what your end goal is, and what you're trying to protect against. Why do you bundle the CA cert with your software? Why not just use the OS's trust store? If it's not a supported option to replace the cert, why are you so concerned with the possibility that people might, and in so doing open themselves up to MITMs? What are you trying to protect against? – Nic Jul 13 '19 at 06:43
  • @NicHartley modified the question. Please let me know if more information is required. – Rahul Jul 13 '19 at 06:51
  • @SteffenUllrich you are right. That's the goal. I have edited the question to reflect that. Please suggest. – Rahul Jul 13 '19 at 06:52
  • @NicHartley Where has the DRM come from? This is a technical forum and I am seeking help with a technical issue irrespective of usage. If you do not know the answer it's perfectly alright, but you don't need to get personal. – Rahul Jul 13 '19 at 07:00
  • @Rahul: You are trying to make sure that an application which is running on a user's device is fully controlled by you, i.e. that the user is neither able to control nor modify the traffic, nor tamper with anything inside the application itself. This is exactly what DRM is about: take control from the user even though the device is owned by the user. – Steffen Ullrich Jul 13 '19 at 08:27
  • @Rahul what stops the user from peeking at the memory to see which data is sent? – vidarlo Jul 13 '19 at 08:36
  • Yes, everything is controlled by us, including the device and client software. So all I am worried about is interception of the traffic by external devices/MITM. Keeping that in mind, if you guys have any inputs, kindly suggest. – Rahul Jul 13 '19 at 13:45
  • @Rahul "everything is controlled by us including device" "what happens if a user ... replaces CA certificate with the fake one". See the discrepancy? If you do indeed control the user's device, just forbid this possibility, for example install your self-signed cert into the system certificate store and make the user's account unable to edit it. If you aren't in control of the device, it's impossible; various technical measures only delay the attacker. – Andrew Morozko Jul 14 '19 at 01:40
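
The comments above conclude that a user who controls the device can always swap the bundled CA file. As an added example (not code from the question or its comments), this shell script reproduces both diagrams with the openssl CLI the question mentions and shows the one check a client can do without relying on that file: comparing the server's SPKI hash against a value compiled into the client. The CA names, the hostname server.example.test and the work directory are constructed here.

```shell
#!/bin/sh
# Added example, not code from the question: reproduce both diagrams with the openssl CLI.
# Assumptions: openssl is installed; CA names, the hostname and the work dir are constructed here.
set -eu
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# Make a self-signed CA named "$1 CA" and a leaf certificate for CN "$2" signed by it.
mk_ca_and_leaf() {
  openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 1 -subj "/CN=$1 CA" \
    -keyout "$WORK/$1-ca.key" -out "$WORK/$1-ca.pem" 2>/dev/null
  openssl req -newkey rsa:2048 -nodes -subj "/CN=$2" \
    -keyout "$WORK/$1-leaf.key" -out "$WORK/$1-leaf.csr" 2>/dev/null
  openssl x509 -req -days 1 -sha256 -in "$WORK/$1-leaf.csr" -CA "$WORK/$1-ca.pem" \
    -CAkey "$WORK/$1-ca.key" -CAcreateserial -out "$WORK/$1-leaf.pem" 2>/dev/null
}

# What a client that trusts only its bundled CA file does: succeed iff leaf "$2" chains to CA "$1".
verify_chain() {
  openssl verify -CAfile "$WORK/$1-ca.pem" "$WORK/$2-leaf.pem" >/dev/null 2>&1
}

# SHA-256 of the leaf's SubjectPublicKeyInfo: a value that can be compiled into the client
# instead of (or in addition to) shipping a CA file that the user can swap.
spki_hash() {
  openssl x509 -in "$WORK/$1-leaf.pem" -pubkey -noout \
    | openssl pkey -pubin -outform DER | openssl dgst -sha256 -binary | openssl base64
}

mk_ca_and_leaf ours server.example.test   # the real server, issued by our CA
mk_ca_and_leaf fake server.example.test   # a MITM leaf issued by a CA the user swapped in
PINNED=$(spki_hash ours)                  # computed at build time, embedded in the binary

# Client check with the pin: the leaf must chain to whatever CA file is present AND match the pin.
client_accepts() {
  verify_chain "$1" "$2" && [ "$(spki_hash "$2")" = "$PINNED" ]
}

# Diagram 1: bundled CA intact, real server -> accepted; MITM leaf -> rejected.
verify_chain ours ours && echo "real server, our CA: accepted"
verify_chain ours fake || echo "MITM leaf, our CA: rejected"
# Diagram 2: user replaced the CA file -> the MITM leaf now passes plain chain validation...
verify_chain fake fake && echo "MITM leaf, swapped CA: accepted by chain check"
# ...but not the pin, because the MITM cannot present the real server's key.
client_accepts fake fake || echo "MITM leaf, swapped CA: rejected by pin"
```

Pinning only raises the bar: a user who can modify the client binary can replace the pinned value too, which is the point the comments make.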

0 Answers