Analysis of recent attacks on SSL/TLS protocols

2016
Özden, Duygu
Transport Layer Security (TLS) and its predecessor Secure Sockets Layer (SSL) are two important certificate-based cryptographic protocols that provide secure communication over a network channel. They are widely used in many areas such as online banking, online shopping, e-mail, military systems and governmental systems. Being at the center of secure communication makes SSL and TLS a target for attackers and an important field of study for researchers. Many vulnerabilities in and attacks on these protocols have been discovered from past to present. In this thesis, we discuss the design of SSL and TLS, the cryptographic algorithms used in them, and important and recent attacks on these protocols together with the precautions against them. Finally, we touch on the important points and the selection of parameters in their design, which should give strong ideas for future work to fix these vulnerabilities and improve the protocols.

Suggestions

Security of certificate-based protocols: focus on server authentication
Baran, Selim; Özbudak, Ferruh; Selçuk, Ali Aydın; Department of Cryptography (2015)
Today, secure communication channels are mostly set up via certificate-based protocols, such as Secure Sockets Layer (SSL) and Transport Layer Security (TLS). Although they have been used for years and in so many areas, from e-commerce and internet banking to secure channel needs in military, there have been several attacks on their security model, which forced researchers to make studies on them. In this thesis, we will explain their security model, the vulnerabilities discovered so far, the precautions fo...
A simple and effective mechanism for stored video streaming with TCP transport and server-side adaptive frame discard
Gurses, E; Akar, Gözde; Akar, N (Elsevier BV, 2005-07-15)
Transmission control protocol (TCP) with its well-established congestion control mechanism is the prevailing transport layer protocol for non-real time data in current Internet Protocol (IP) networks. It would be desirable to transmit any type of multimedia data using TCP in order to take advantage of the extensive operational experience behind TCP in the Internet. However, some features of TCP including retransmissions and variations in throughput and delay, although not catastrophic for non-real time data...
Software implementations of QoS scheduling algorithms for high speed networks
Pehlivanlı, Aydın; Schmidt, Şenan Ece; Department of Electrical and Electronics Engineering (2015)
The end to end Quality of Service (QoS) support for the dominating multimedia traffic in the contemporary computer networks is achieved by implementing schedulers in the routers and deploying traffic shapers. To this end, realistic modeling and simulation of these components is essential for network performance evaluation. The first contribution of this thesis is the design and implementation of a C++ simulator QueST (Quality of Service simulaTor) for this task. QueST is a modular cycle accurate simulator w...
Analysis of the pantograph arcing and its effects on the railway vehicle
Baysal, Dilek; Bazlamaçcı, Cüneyt Fehmi; Erdem, Oğuzhan; Department of Electrical and Electronics Engineering (2014)
Virtual router is an essential solution to fulfill the increasing demands of network services. A virtual router, having a single hardware platform, serves several networks concurrently and hence provides cost saving. A virtual router maintains multiple forwarding tables that belong to separate internet service providers (ISPs) and performs IP lookup and forwarding functionality for each ISP in one common platform. IP lookup in a virtual router is performed by inspecting the incoming packets that also carry ...
Implementation and evaluation of the dependability plane for the dynamic distributed dependable real time industrial protocol (D3RIP)
Sezer, Ömer Berat; Schmidt, Şenan Ece; Schmidt, Kalus Werner; Department of Electrical and Electronics Engineering (2013)
Dynamic Distributed Dependable Real Time Ethernet Industrial Protocol (D3RIP) is a real time industrial communication protocol that runs over shared-medium Ethernet with COTS hardware. The protocol consists of an interface layer that enables time slotted communication and a coordination layer that guarantees collision avoidance and timely delivery of real time messages generated by the control application. At the current development stage, these two layers of the protocol are fully implemented and tested. T...
Citation Formats
D. Özden, “Analysis of recent attacks on SSL/TLS protocols,” M.S. - Master of Science, Middle East Technical University, 2016.