What protections does TLS use in the above scenario?
In the picture, the client asks the attacker for the address of Google.com, but the attacker gives them a different IP address which redirects to a domain that looks like Google.com.
The diagram assumes the initial connection is made using plain-text HTTP, allowing the attacker to redirect the victim to google.example.com instead of google.com. TLS does not provide protection against that, but HTTP Strict Transport Security (HSTS), RFC 6797, does.
However, Google has not enabled HSTS on the domain apex but only on the www subdomain. Therefore, it cannot be on the HSTS preloading list, either. That's actually a good example of a site that isn't fully protected against this type of attack. The user would have to https://google.com or www.google.com protected by HSTS or

In the depicted scenario, assume that the user's initial request is to https://www.google.com (note the s at the end of https). The user's web browser looks up the A record for www.google.com, but because the attacker has poisoned the DNS, the query resolves to 192.168.1.1.
The user's web browser then proceeds to initiate a TLS connection with the web server at 192.168.1.1 (with www.google.com in the ClientHello). At this point (and before the attacker's server can even respond with the 302 redirect), the attacker's web server has to serve a CA-signed certificate for www.google.com and complete a TLS handshake using this certificate. This requires the attacker to have the private key that corresponds with the public key in the certificate. So, to pull this off, the attacker would either have to steal the private key for one of Google's certificates, or dupe a CA into signing a fake certificate for www.google.com. Both of these are a high bar for an attacker.
Host: www.google.com, not Host: 192.168.1.1.