Demonstration of attacks on SSL-TLS protocols
Secure Sockets Layer (SSL) which was superseded by Transport Layer Security (TLS) is the most extensively used application of cryptography in the day-to-day life of humanity. It is used to secure communication between two parties across the internet ensuring the principles of identification, authent...
محفوظ في:
| المؤلف الرئيسي: | |
|---|---|
| مؤلفون آخرون: | |
| التنسيق: | Final Year Project |
| اللغة: | English |
| منشور في: |
Nanyang Technological University
2022
|
| الموضوعات: | |
| الوصول للمادة أونلاين: | https://hdl.handle.net/10356/156548 |
| الوسوم: |
إضافة وسم
لا توجد وسوم, كن أول من يضع وسما على هذه التسجيلة!
|
| الملخص: | Secure Sockets Layer (SSL) which was superseded by Transport Layer Security (TLS) is the most extensively used application of cryptography in the day-to-day life of humanity. It is used to secure communication between two parties across the internet ensuring the principles of identification, authentication, confidentiality, and integrity. Over the last decade there have been multiple attacks on SSL-TLS in order to break the encryption and obtain the sensitive information that was encrypted. Some of these attacks focus on implementation errors, or some inherent feature of SSL-TLS.
This report shall focus on two such attacks, POODLE and CRIME and we will dive deep into following aspects:
1. Feature of SSL-TLS that is exploited.
2. How is it exploited (Theory)?
3. How is it exploited (Proof-of-Concept)?
4. What is the impact of this attack?
5. What are some strategies to mitigate this attack? |
|---|