Existing Attacks on SSL/TLS Protocol

  1. Study design and implementations of SSL/TLS protocol and existing attacks on its design and implementation [1], testing approaches and tlsfuzzer project [2]. Get familiar with existing attacks against SSL/TLS.
  2. Identify existing attacks that are suitable for reproduction in tlsfuzzer framework. Design a test suite for them.
  3. Implement the tests and necessary improvements to tlsfuzzer and tlslite-ng [3].
  4. Run the tests against existing SSL/TLS implementations and evaluate the results.

Points that should be done during the first semester: 1. and 2.

[1] https://www.feistyduck.com/books/bulletproof-ssl-and-tls/
[2] https://github.com/tomato42/tlsfuzzer
[3] https://github.com/tomato42/tlslite-ng

You must be logged in to perform this action!

Stanislav Židek

Team:
Location: Brno
Diploma theses with this Topic:
Existing Attacks on SSL/TLS Protocol