Existing Attacks on SSL/TLS Protocol

  1. Study design and implementations of SSL/TLS protocol and existing attacks on its design and implementation [1], testing approaches and tlsfuzzer project [2]. Get familiar with existing attacks againts SSL/TLS.
  2. Identify existing attacks that are suitable for reproduction in tlsfuzzer framework. Design a test suite for them.
  3. Implement the tests and necessary improvements to tlsfuzzer and tlslite-ng [3].
  4. Run the tests against existing SSL/TLS implementations and evaluate the results.

Points that should be done during the first semester: 1. and 2.

[1] https://www.feistyduck.com/books/bulletproof-ssl-and-tls/
[2] https://github.com/tomato42/tlsfuzzer
[3] https://github.com/tomato42/tlslite-ng

Leader: Milan Lysoněk

Location: Brno
Topic: Existing Attacks on SSL/TLS Protocol


University: Brno University of Technology
Type: Bachelor Thesis
Date of Defence:
Grade: A