Skip to Main content Skip to Navigation
Conference papers

Lost in TLS? No More! Assisted Deployment of Secure TLS Configurations

Abstract : Over the last few years, there has been an almost exponential growth of TLS popularity and usage, especially among applications that deal with sensitive data. However, even with this widespread use, TLS remains for many system administrators a complex subject. The main reason is that they do not have the time to understand all the cryptographic algorithms and features used in a TLS suite and their relative weaknesses. For these reasons, many different tools have been developed to verify TLS implementations. However, they usually analyze the TLS configuration and provide a list of possible attacks, without specifying their mitigations. In this paper, we present TLSAssistant, a fully-featured tool that combines state-of-the-art TLS analyzers with a report system that suggests appropriate mitigations and shows the full set of viable attacks.
Document type :
Conference papers
Complete list of metadata

Cited literature [44 references]  Display  Hide  Download
Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Thursday, November 28, 2019 - 2:25:23 PM
Last modification on : Wednesday, May 19, 2021 - 4:52:03 PM
Long-term archiving on: : Saturday, February 29, 2020 - 3:47:34 PM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



Salvatore Manfredi, Silvio Ranise, Giada Sciarretta. Lost in TLS? No More! Assisted Deployment of Secure TLS Configurations. 33th IFIP Annual Conference on Data and Applications Security and Privacy (DBSec), Jul 2019, Charleston, SC, United States. pp.201-220, ⟨10.1007/978-3-030-22479-0_11⟩. ⟨hal-02384588⟩



Record views


Files downloads