Milan Lysoňek: Existing Attacks on SSL/TLS Protocol

Disclaimer: This thesis was supervised together with RedHat company; I served mainly as a formal superviser; technical consultant were Stanislav Židek and Hubert Kario. The goal of the thesis was to extend the capabilities of testing attacks based on fuzztesting solved within the RedHat company.

Abstract

SSL/TLS is a modern cryptographic protocol, which secures the communication between client and server. However, there are attacks on this protocol which can compromise communication either by eavesdropping or disruption. Defending against such attacks and testing the bulletproofness of protocols is a challenging process. This work describes attacks on SSL/TLS and implements selected attacks within tlsfuzzer — a sophisticated solution for testing SSL/TLS implementations. The resulting implementation of attacks is demonstrated on three SSL/TLS implementations.