Demonstration of attacks on SSL-TLS protocols
Secure Sockets Layer (SSL) which was superseded by Transport Layer Security (TLS) is the most extensively used application of cryptography in the day-to-day life of humanity. It is used to secure communication between two parties across the internet ensuring the principles of identification, authent...
Saved in:
Main Author: | |
---|---|
Other Authors: | |
Format: | Final Year Project |
Language: | English |
Published: |
Nanyang Technological University
2022
|
Subjects: | |
Online Access: | https://hdl.handle.net/10356/156548 |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Institution: | Nanyang Technological University |
Language: | English |
Summary: | Secure Sockets Layer (SSL) which was superseded by Transport Layer Security (TLS) is the most extensively used application of cryptography in the day-to-day life of humanity. It is used to secure communication between two parties across the internet ensuring the principles of identification, authentication, confidentiality, and integrity. Over the last decade there have been multiple attacks on SSL-TLS in order to break the encryption and obtain the sensitive information that was encrypted. Some of these attacks focus on implementation errors, or some inherent feature of SSL-TLS.
This report shall focus on two such attacks, POODLE and CRIME and we will dive deep into following aspects:
1. Feature of SSL-TLS that is exploited.
2. How is it exploited (Theory)?
3. How is it exploited (Proof-of-Concept)?
4. What is the impact of this attack?
5. What are some strategies to mitigate this attack? |
---|