SoK: Les­sons Le­ar­ned From SSL/TLS At­tacks

Chris­to­pher Meyer, Jörg Schwenk

In Pro­cee­dings of "The 14th In­ter­na­tio­nal Work­shop on In­for­ma­ti­on Se­cu­ri­ty Ap­p­li­ca­ti­ons (WI­SA2013)"


Ab­stract

Since its in­tro­duc­tion in 1994 the Se­cu­re So­cket Layer (SSL) pro­to­col (later re­na­med to Trans­port Layer Se­cu­ri­ty (TLS)) evol­ved to the de facto stan­dard for se­cu­ring the trans­port layer. SSL/TLS can be used for en­su­ring data con den­tia­li­ty, in­te­gri­ty and au­then­ti­ci­ty du­ring trans­port. A main fea­ture of the pro­to­col is exi­bi­li­ty: Modes of ope­ra­ti­on and se­cu­ri­ty aims can ea­si­ly be con gured through di erent ci­pher sui­tes. Howe­ver, du­ring the evo­lu­tio­na­ry de­ve­lop­ment se­ver­al flaws were found. This paper pres­ents an over­view on theo­re­ti­cal and prac­tical at­tacks of the last 17 years, in chro­no­lo­gi­cal order and four ca­te­go­ries:

Sys­tem Mes­sa­ge: ERROR/3 (<string>, line 3)

Un­ex­pec­ted in­den­ta­ti­on.
  • At­tacks on the Hand­shake pro­to­col,
  • on the Re­cord and Ap­p­li­ca­ti­on Data Pro­to­cols,
  • on the PKI in­fra­struc­tu­re and
  • va­rious other at­tacks.

We try to give a short "Les­son(s) Le­ar­ned" at the end of each pa­ra­graph.

[Paper] [Sli­des]

Tags: