« | Home | Categories | »

Push Away Your Privacy: Precise User Tracking Based on TLS Client Certificate Authentication

Posted on July 1st, 2017 at 23:48 by John Sinteur in category: News


The design and implementation of cryptographic
systems offer many subtle pitfalls. One such pitfall is that
cryptography may create unique identifiers potentially usable
to repeatedly and precisely re-identify and hence track users.
This work investigates TLS Client Certificate Authentication
(CCA), which currently transmits certificates in plain text. We
demonstrate CCA’s impact on client traceability using Apple’s
Apple Push Notification service (APNs) as an example. APNs is
used by all Apple products, employs plain-text CCA, and aims
to be constantly connected to its backend. Its novel combination
of large device count, constant connections, device proximity to
users and unique client certificates provides for precise client
traceability. We show that passive eavesdropping allows to pre-
cisely re-identify and track users and that only ten interception
points are required to track more than 80 percent of APNs
users due to global routing characteristics.

Write a comment