Tue 25 August 2015
This article references the best current resources on SSL/TLS. If you have other references you think should be included, please point them out in the comments section and we'll include them:
Attacks:
BEAST: implicit initialization vector in CBC mode
CRIME: use compression as an auxiliary channel
TIME & BREACH: enhanced version of CRIME attack
LUCKY 13: padding oracle in CBC
RC4: statistical bias
POODLE: padding oracle in CBC for SSL 3.0
Triple Handshake: impersonate a client by retrieving credentials when it connects to a malicious website
GOTO fail in Apple: Bad coding practice leading to certificate validation failure
GOTO fail in GnuTLS: Bad coding practice leading to certificate validation failure
Heartbleed: stack overflow in read operation
Universal Signature Forgery in NSS: A flaw in the Network Security Services (NSS) library allows attackers to create forged RSA certificates
Server Code Execution in SChannel: Remote code execution vulnerability in the Microsoft Server
Early CCS: error in the state machine of OpenSSL
SMACK/FREAK/SKIP-TLS: Vulnerabilities in some SSL implementations that could disable encryption or downgrade it to weak, crackable encryption
LogJam: Downgrade attack similar to FREAK, but the result of a flaw in the protocol rather than a flaw in the implementation
Tools:
TrustKit: iOS 8+ universal SSL pinning without the need to change the code.
https://datatheorem.github.io/TrustKit/
FlexTLS: Tool for testing TLS implementations and for writing attack PoCs more easily.
https://www.smacktls.com/
nogotofail: on-path blackbox network traffic security testing tool
https://github.com/google/nogotofail
Talks:
TrustKit: Code injection in iOS 8 for the greater good
https://www.blackhat.com/docs/us-15/materials/us-15-Diquet-TrustKit-Code-Injection-On-iOS-8-For-The-Greater-Good.pdf
Breaking HTTPS with BGP Hijacking
https://www.blackhat.com/docs/us-15/materials/us-15-Gavrichenkov-Breaking-HTTPS-With-BGP-Hijacking.pdf
SSL/TLS current status, 3 years after (French)
https://www.sstic.org/2015/presentation/ssltls_soa_reloaded/
FLEXTLS: A Tool for Testing TLS Implementations
https://www.usenix.org/conference/woot15/workshop-program/presentation/beurdouche
Prying Open Pandora's Box: KCI Attacks against TLS
https://www.usenix.org/conference/woot15/workshop-program/presentation/hlauschek