Demonstration of attacks on SSL-TLS protocols
Secure Sockets Layer (SSL) which was superseded by Transport Layer Security (TLS) is the most extensively used application of cryptography in the day-to-day life of humanity. It is used to secure communication between two parties across the internet ensuring the principles of identification, authent...
Saved in:
| 主要作者: | |
|---|---|
| 其他作者: | |
| 格式: | Final Year Project |
| 語言: | English |
| 出版: |
Nanyang Technological University
2022
|
| 主題: | |
| 在線閱讀: | https://hdl.handle.net/10356/156548 |
| 標簽: |
添加標簽
沒有標簽, 成為第一個標記此記錄!
|
| 機構: | Nanyang Technological University |
| 語言: | English |
| 總結: | Secure Sockets Layer (SSL) which was superseded by Transport Layer Security (TLS) is the most extensively used application of cryptography in the day-to-day life of humanity. It is used to secure communication between two parties across the internet ensuring the principles of identification, authentication, confidentiality, and integrity. Over the last decade there have been multiple attacks on SSL-TLS in order to break the encryption and obtain the sensitive information that was encrypted. Some of these attacks focus on implementation errors, or some inherent feature of SSL-TLS.
This report shall focus on two such attacks, POODLE and CRIME and we will dive deep into following aspects:
1. Feature of SSL-TLS that is exploited.
2. How is it exploited (Theory)?
3. How is it exploited (Proof-of-Concept)?
4. What is the impact of this attack?
5. What are some strategies to mitigate this attack? |
|---|