Tracing Your Roots: Exploring the Security Issues of Root Certificates in Android TLS Connections
摘要
The widespread adoption of Transport Layer Security (TLS) relies on rigorous certificate verification, but our large-scale analysis reveals shocking security issues in the root certificates themselves and their configuration that undermine TLS authentication guarantees. This paper uncovers security issues at two distinct levels: (1) The default root certificate list on platforms ranging from Android 7 to 14 and HarmonyOS 3.0 to 5.0 contains non-compliant root certificates, such as those associated with critical CVE vulnerability, certificates expired for over four years, and those using weak cryptography algorithm. Overall, HarmonyOS 5.0 performs best, followed by Android 14. (2) We carefully select 1246 popular apps to view their actual usage of custom root certificates. 42% of them have configuration issues with custom implementations, and some even enable HTTP communication, which indicates that while customizing root certificates provides convenience to users, it also introduces security risks. Finally, we evaluate the priority of root certificates from different sources to help users better understand the root certificates used by the current TLS connection. In general, both manufacturers and developers need to further improve their management and usage of root certificates.