SSL/TLS is a modern cryptographic protocol, which secures the communication between client and server. However, there are attacks on this protocol which can compromise communication either by eavesdropping or disruption. Defending against such attacks and testing the bulletproofness of protocols is a challenging process. This work describes attacks on SSL/TLS and implements selected attacks within tlsfuzzer — a sophisticated solution for testing SSL/TLS implementations. The resulting implementation of attacks is demonstrated on three SSL/TLS implementations.
Existing Attacks on SSL/TLS Protocol
University
Faculty of Information Technology
Date of Completion
2016
Resources
Leader
Fiedor Tomáš
Consultant
Židek Stanislav
Student
Lysoněk Milan