HAL will be down for maintenance from Friday, June 10 at 4pm through Monday, June 13 at 9am. More information
Skip to Main content Skip to Navigation
Conference papers

Turning Active TLS Scanning to Eleven

Abstract : Transport Layer Security (TLS) is the fundament of today’s web security, but the majority of deployments are misconfigured and left vulnerable to a phletora of attacks. This negatively affects the overall healthiness of the TLS ecosystem, and as such all the protocols that build on top of it. Scanning a larger number of hosts or protocols such as the numerous IPv4-wide scans published recently for a list of known attacks in TLS is non-trivial. This is due to the design of the TLS handshake, where the server chooses the specific cipher suite to be used. Current scanning approaches have to establish an unnecessary large number of connections and amount of traffic. In this paper we present and implemented different optimized strategies for TLS cipher suite scanning that, compared to the current best practice, perform up to 3.2 times faster and with 94% less connections used while being able to do exhaustive scanning for many vulnerabilities at once. We thoroughly evaluated the algorithms using practical scans and an additional simulation for evaluating current cipher suite practices at scale. With this work full TLS cipher suite scans are brought to a new level, making them a practical tool for further empiric research.
Document type :
Conference papers
Complete list of metadata

Cited literature [22 references]  Display  Hide  Download

Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Monday, November 27, 2017 - 10:32:27 AM
Last modification on : Monday, November 27, 2017 - 10:34:00 AM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



Wilfried Mayer, Martin Schmiedecker. Turning Active TLS Scanning to Eleven. 32th IFIP International Conference on ICT Systems Security and Privacy Protection (SEC), May 2017, Rome, Italy. pp.3-16, ⟨10.1007/978-3-319-58469-0_1⟩. ⟨hal-01649020⟩



Record views


Files downloads