Journal ArticleDOI
Exploiting Dissent: Towards Fuzzing-Based Differential Black-Box Testing of TLS Implementations
Andreas Walz,Axel Sikora +1 more
Reads0
Chats0
TLDR
A novel fuzzing algorithm is introduced for generating large and diverse corpuses of mostly-valid TLS handshake messages and is seen as the first step towards fully interactive differential testing of black-box TLS protocol implementations.Abstract:
The Transport Layer Security (TLS) protocol is one of the most widely used security protocols on the internet. Yet do implementations of TLS keep on suffering from bugs and security vulnerabilities. In large part is this due to the protocol's complexity which makes implementing and testing TLS notoriously difficult. In this paper, we present our work on using differential testing as effective means to detect issues in black-box implementations of the TLS handshake protocol. We introduce a novel fuzzing algorithm for generating large and diverse corpuses of mostly-valid TLS handshake messages. Stimulating TLS servers when expecting a ClientHello message, we find messages generated with our algorithm to induce more response discrepancies and to achieve a higher code coverage than those generated with American Fuzzy Lop, TLS-Attacker , or NEZHA . In particular, we apply our approach to OpenSSL , BoringSSL , WolfSSL , mbedTLS , and MatrixSSL , and find several real implementation bugs; among them a serious vulnerability in MatrixSSL 3.8.4 . Besides do our findings point to imprecision in the TLS specification. We see our approach as presented in this paper as the first step towards fully interactive differential testing of black-box TLS protocol implementations. Our software tools are publicly available as open source projects.read more
Citations
More filters
Proceedings ArticleDOI
Supplementary material for the publication "Not-quite-so-broken TLS: lessons in re-engineering a security protocol specification and implementation"
TL;DR: The nqsb-TLS project as mentioned in this paper is a re-engineered approach to TLS specification and implementation that addresses the root causes of security flaws, such as the challenges of interpreting the ambiguous prose specification, the complexities inherent in large APIs and code bases, inherently unsafe programming choices, and the impossibility of directly testing conformance between implementations and the specification.
Journal ArticleDOI
Differential Testing of Certificate Validation in SSL/TLS Implementations: An RFC-guided Approach
TL;DR: By providing seed certificates for mutation approaches with RFCcert, the ability of mutation approaches in finding distinct discrepancies is significantly enhanced.
Journal ArticleDOI
Testing TLS using planning-based combinatorial methods and execution framework
Dimitris E. Simos,Josip Bozic,Bernhard Garn,Manuel Leithner,Feng Duan,Kristoffer Kleine,Yu Lei,Franz Wotawa +7 more
TL;DR: This research work focuses on automated test case generation and execution for the TLS security protocol, where the aim is to combine planning with combinatorial methods for providing test cases that ideally also reveal previously unknown attacks.
Journal ArticleDOI
HFuzz: Towards automatic fuzzing testing of NB-IoT core network protocols implementations
TL;DR: Experimental results show HFuzz yields higher coverage than American Fuzzy Lop (AFL) and Peach, and a real implementation bug in OAI is found, and the framework applies to various protocols.
Proceedings ArticleDOI
DPIFuzz: A Differential Fuzzing Framework to Detect DPI Elusion Strategies for QUIC
TL;DR: In this article, a differential fuzzing framework is proposed to detect strategies to elude stateful DPI systems for QUIC, such as using packets with duplicate packet numbers or exploiting the diverging handling of overlapping stream offsets.
References
More filters
The Transport Layer Security (TLS) Protocol Version 1.2
TL;DR: This document specifies Version 1.2 of the Transport Layer Security (TLS) protocol, which provides communications security over the Internet by allowing client/server applications to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery.
The TLS Protocol Version 1.0
T. Dierks,C. Allen +1 more
TL;DR: This document specifies Version 1.0 of the Transport Layer Security (TLS) protocol, which provides communications privacy over the Internet by allowing client/server applications to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery.
ReportDOI
The Transport Layer Security (TLS) Protocol Version 1.3
TL;DR: This document specifies version 1.3 of the Transport Layer Security (TLS) protocol, which allows client/server applications to communicate over the Internet in a way that is designed to prevent eavesdropping, tampering, and message forgery.
Journal ArticleDOI
Simplifying and isolating failure-inducing input
Andreas Zeller,R. Hildebrandt +1 more
TL;DR: The delta debugging algorithm generalizes and simplifies the failing test case to a minimal test case that still produces the failure, and isolates the difference between a passing and a failingTest case.
Proceedings ArticleDOI
The most dangerous code in the world: validating SSL certificates in non-browser software
TL;DR: It is demonstrated that SSL certificate validation is completely broken in many security-critical applications and libraries and badly designed APIs of SSL implementations and data-transport libraries which present developers with a confusing array of settings and options are analyzed.