HTTP Public Key Pinning (HPKP) was first introduced in May 2011 by Google.
HPKP is a way for a host to tell a web browser what keys to accept from the host in the future. When Google first introduced HPKP, they meant for it to be used alongside HTTP Strict Transport Security (HSTS). However, it is possible to use HPKP without requiring HSTS.
What Is HPKP?
HPKP is a security mechanism that adds a layer of security for web clients. It is a Trust on First Use (TOFU) technique, meaning that the first time the host establishes a connection with the web browser the host provides the browser with a specific public key that the client will “pin” to the host. This pinned certificate will then act as another means of verifying the host’s identity.
From then on, every time the browser encounters that same host, the browser will look at the pinned key and verify that it matches the host’s key. If they do not match the browser will terminate the connection.
Why Enable HPKP?
By terminating the connection HPKP can help protect end users from man-in-the-middle (MITM) attacks. One way a MITM attack can happen is when an attacker uses a fraudulent certificate to create a spoofed site in order to harvest user’s personal information.
DigiNotar is a recent example of this. In July of 2011 DigiNotar suffered a data breach and malicious entities issued a wildcard certificate for Google. The attackers were able to perform man in the middle attacks against Google, issuing more than 500 fraudulent certificates. Users had no way of knowing the certificates were fraudulent until it was too late.
HPKP terminates connections before any damage can be done.
Which Key to Pin
To enable HPKP for your server, you first need to decide what key to pin and also you need to have a backup key that will be pinned. Which keys you decide to use will depend on your needs. HPKP requires you to pin at least two keys. You can pin one or all of the public keys in your certificate chain.
Something else to consider is what to do if you need to revoke or renew your certificate. If you revoke your certificate and get another one for your domain, the key will not match what web browsers already have pinned.
A workaround would be to pin your CSR as a backup. That way if you revoked or renewed your certificate you could use your CSR to create another key and use that key to obtain another SSL Certificate. This, as with any other option, has its pros and cons. You will need to decide what solution will work best for you.
For detailed instructions on how to enable HPKP, click here.