Troubles with https on smart TVs
Secure communication on the Internet requires an encryption of transferred content and a verification of identity of the server, with which the TV communicates. This causes certain problems for applications on smart TVs.
How does it all work?
Secure transfer over the Internet utilizes symmetrical encryption of data. The type of encryption depends on capabilities and sets of supported ciphers (called cipher suite) on both sides – i.e. on server and TV. There is a wide range of encryption algorithms and it’s necessary to agree on the type of cipher before the encrypted communication can be established. For this reason a so-called SSL handshake occurs before the transfer itself, during which it is established by both sides which ciphers will be used for encryption, which for the transfer of keys, which hash algorithm should be used for the integrity checks, and so on. Because the data itself is always encrypted symmetrically (AES, 3DES, RC4, Camelia…) it’s necessary that both sides share the key for the given algorithm. The key is also exchanged between the TV and the server during the handshake sequence. For secure transfer of keys is utilized asymmetrical encryption, for which the TV uses public key of the server containing the server’s SSL certificate. The server sends the certificate to the TV during the handshake sequence.
Encryption alone is not enough, the TV must also verify the identity of the server and prevent the scenario in which an attacker (called man-in-the-middle) tricks the TV with his own SSL certificate and all communication would be transferred through him. In such case the communication would be secure; however the data would be encrypted with the attacker’s keys and he would therefore gain access to their decrypted version. For this reason it’s necessary to verify the identity of the server (domain). Data contained in the SSL certificate are used for this, and the certificate includes primarily information on:
- Who was the certificate issued to. In terms of communication, the entry Common Name (CN) is of particular interest, it specifies the domain for which the certificate was issued or sub domains (wildcard certificate) for which the certificate is valid (e.g. *.google.com).
- Who issued it – name of the certification authority (CA), which issued the certificate.
- The validity of the certificate.
- Public key of the server with which we want to communicate (this key will be used for transfer of keys for symmetric encryption).
- And above all, certificate contains the signature of the certification authority. The signature is created by calculating the hash of all data contained in the certificate. This hash is subsequently encrypted by the private key of the certification authority and attached to the certificate.
Every TV contains pre-installed certificates from a number of certification authorities. This is very important – because the security of communication is based on confidence that the TV contains the correct certificates.
So what is the problem with smart TVs?
During the authentication of identity of the server, the TV must verify if the certificate is authentic. For this purpose the TV finds a public key in the locally stored (i.e. pre-installed) certificate of the authority, which presumably issued the server’s certificate. The TV performs decryption of the hash (of signature) and compares this value with the hash value that it calculated from data contained in the certificate. If both values match, then the TV verified that the certificate was for the domain it communicates with, issued by the trusted certification authority.
It is exactly this verification of certification authority that is sometimes “problematic” on smart TVs. While web browsers allow installation of additional certificates (which is not exactly safe), the set of certificates supported by TVs is finite and only expandable through a firmware update. It is therefore completely impossible to use self-signed certificates (i.e. certificates generated by any person using open SSL or a similar tool). The TVs also often don’t support so-called certificate chains, which are situations when a certification authority delegates the power to sign certificates to another company (intermediate CA) which will issue the certificate. In the past we had problems for example with certificates issued by companies StartCom or StarField.
When we take into account that new applications support two to three year old product series from several manufacturers (Samsung, LG, Philips, Sony, Panasonic) it’s very likely that some problems will occur. If you want to prevent them, the easiest method is to get your certificate issued by Symantec, or by some of its subsidiary companies – Thawte, VeriSign or GeoTrust, which control more than 40% of all issued certificates for web services, and their root certificates can be definitely found on all models of smart TVs. This is one of the reasons why it’s important to never underestimate testing on real TVs and not rely only on testing of applications in the emulator. Properties of a SSL certificate for a domain can be checked for example here.