FLEXTLS A Tool for Testing TLS Implementations

Abstract : We present FLEXTLS, a tool for rapidly prototyping and testing implementations of the Transport Layer Security (TLS) protocol. FLEXTLS is built upon MITLS, a verified implementation of TLS, and hence protocol scenarios written in FLEXTLS can benefit from robust libraries for messaging and cryptography. Conversely, attack scripts in FLEXTLS can be used to evaluate and communicate the impact of new protocol vulnerabilities. FLEXTLS was used to discover recent attacks on TLS implementations, such as SKIP and FREAK, as well as to program the first proof-of-concept demos for FREAK and Logjam. It is also being used to experiment with proposed designs of the upcoming version 1.3 of TLS. Our goal is to create a common platform where protocol analysts and practitioners can easily test TLS implementations and share protocol designs, attacks or proofs.
Type de document :
Communication dans un congrès
9th USENIX Workshop on Offensive Technologies, WOOT '15, Aug 2014, Washington DC, United States
Liste complète des métadonnées

Littérature citée [12 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01295035
Contributeur : Bhargavan Karthikeyan <>
Soumis le : mercredi 30 mars 2016 - 11:43:18
Dernière modification le : vendredi 25 mai 2018 - 12:02:06
Document(s) archivé(s) le : lundi 14 novembre 2016 - 08:53:39

Fichier

woot15-paper-beurdouche.pdf
Fichiers produits par l'(les) auteur(s)

Identifiants

  • HAL Id : hal-01295035, version 1

Collections

Citation

Benjamin Beurdouche, Antoine Delignat-Lavaud, Nadim Kobeissi, Alfredo Pironti, Karthikeyan Bhargavan. FLEXTLS A Tool for Testing TLS Implementations. 9th USENIX Workshop on Offensive Technologies, WOOT '15, Aug 2014, Washington DC, United States. 〈hal-01295035〉

Partager

Métriques

Consultations de la notice

134

Téléchargements de fichiers

165