Systematic Fuzzing and Testing of TLS Libraries

Juraj Somorovsky

ACM CCS 2016


Abstract

We present TLS-Attacker, an open source framework for evaluating the security of TLS libraries. TLS-Attacker allows security engineers to create custom TLS message flows and arbitrarily modify message contents using a simple interface in order to test the behavior of their libraries.

Based on TLS-Attacker, we present a two-stage fuzzing approach to evaluate TLS server behavior. Our approach automatically searches for cryptographic failures and boundary violation vulnerabilities. It allowed us to find unusual padding oracle vulnerabilities and overflows/overreads in widely used TLS libraries, including OpenSSL, Botan, and MatrixSSL.

Our findings motivate developers to create comprehensive test suites, including positive as well as negative tests, for the evaluation of TLS libraries. We use TLS-Attacker to create such a test suite framework which finds further problems in Botan.

[TLS-Attacker] [paper]

Tags: fuzzing, TLS