Lost in TLS? No More! Assisted Deployment of Secure TLS Configurations

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11559)


Over the last few years, TLS has seen an almost exponential growth in popularity and usage, especially among applications that handle sensitive data. Even so, TLS remains a complex subject for many system administrators, mainly because they do not have the time to understand all the cryptographic algorithms and features used in a TLS suite and their relative weaknesses. For these reasons, many different tools have been developed to verify TLS implementations; however, they usually analyze the TLS configuration and provide a list of possible attacks without specifying their mitigations. In this paper, we present TLSAssistant, a fully-featured tool that combines state-of-the-art TLS analyzers with a report system that suggests appropriate mitigations and shows the full set of viable attacks.


Keywords: TLS misconfiguration, vulnerability detection, assisted mitigations



The authors would like to thank IPZS for the collaboration on the development of the authentication solution based on the CIE 3.0 carried out in the context of the joint laboratory DigimatLab between FBK and IPZS.


Copyright information

© IFIP International Federation for Information Processing 2019

Authors and Affiliations

  1. Security & Trust, FBK, Trento, Italy
  2. University of Trento, Trento, Italy