Let's Downgrade Let's Encrypt
Following the recent off-path attacks against PKI, Let's Encrypt deployed in 2020 domain validation from multiple vantage points to ensure security even against the stronger on-path MitM adversaries. The idea behind such distributed domain validation is that even if the adversary can hijack traffic of some vantage points, it will not be able to intercept traffic of all the vantage points to all the nameservers in a domain. In this work we show that two central design issues of the distributed domain validation of Let's Encrypt make it vulnerable to downgrade attacks: (1) the vantage points are selected from a small fixed set of vantage points, and (2) the way the vantage points select the nameservers in target domains can be manipulated by a remote adversary. We develop off-path methodologies, based on these observations, to launch downgrade attacks against Let's Encrypt. The downgrade attacks reduce the validation with 'multiple vantage points to multiple nameservers', to validation with 'multiple vantage points to a single attacker-selected nameserver'. Through experimental evaluations with Let's Encrypt and the 1M-Let's Encrypt-certified domains, we find that our off-path attacker can successfully launch downgrade attacks against more than 24.53% of the domains, rendering Let's Encrypt to use a single nameserver for validation with them. We then develop an automated off-path attack against the 'single-server'-domain validation for these 24.53% domains, to obtain fraudulent certificates for more than 107K domains, which constitute 10% of the 1M domains in our dataset. We also evaluate our attacks against other major CAs and compare the security and efforts needed to launch the attacks, to those needed to launch the attacks against Let's Encrypt. We provide recommendations for mitigations against our attacks.