Abstract
TLS protocol is an essential part of secure Internet communication. In the past, many attacks have been identified on the protocol. Most of these attacks are not due to design flaws of the protocol, but due to flaws in specific implementation of protocol. One of the widely used implementation of TLS is SChannel which is used in Windows operating system since its inception. In this paper, we have used “protocol state fuzzing” to identify vulnerable and undesired state transitions in the state machine models of the protocol for various versions of SChannel. The technique of protocol state fuzzing has been implemented using query based state machine learning. The client as well as server components have been analyzed thoroughly using this technique and various flaws have been discovered in the implementation. Exploitation of these flaws under specific circumstances may lead to serious attacks which have potential to disrupt secure communication.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Aviram, N., et al.: DROWN: breaking TLS using SSLv2. In: USENIX Security Symposium, pp. 689–706 (2016)
Green, M.: Attack of the week: FREAK (or ‘factoring the NSA for fun and profit’). A Few Thoughts on Cryptographic Engineering (2018). https://blog.cryptographyengineering.com/2015/03/03/attack-of-week-freak-or-factoring-nsa/
Adrian, D., et al.: Imperfect forward secrecy: how Diffie-Hellman fails in practice. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pp. 5–17. ACM (2015)
Bhargavan, K., Leurent, G.: Transcript collision attacks: breaking authentication in TLS, IKE, and SSH. In: Network and Distributed System Security Symposium-NDSS 2016 (2016)
Synopsys, S.: Heartbleed Bug. Heartbleed.com (2018). http://heartbleed.com/
De Ruiter, J., Poll, E.: Protocol state fuzzing of TLS implementations. In: USENIX Security Symposium, pp. 193–206 (2015)
Www-archive.mozilla.org: The SSL 2.0 Protocol (1995). https://www-archive.mozilla.org/projects/security/pki/nss/ssl/draft02.html
Tools.ietf.org: RFC 6101 - The Secure Sockets Layer (SSL) Protocol Version 3.0 (2011). https://tools.ietf.org/html/rfc6101
Ietf.org: RFC 2246 - The TLS Protocol Version 1.0 (1999). https://www.ietf.org/rfc/rfc2246.txt
Ietf.org: RFC 4346 - The Transport Layer Security (TLS) Protocol Version 1.1 (2006). https://www.ietf.org/rfc/rfc4346.txt
Ietf.org: RFC 5246 - The Transport Layer Security (TLS) Protocol Version 1.2 (2008). https://www.ietf.org/rfc/rfc5246.txt
Beurdouche, B., et al.: A messy state of the union: taming the composite state machines of TLS. In: 2015 IEEE Symposium on Security and Privacy (SP), pp. 535–552. IEEE (2015)
Msdn.microsoft.com: Secure Channel (Windows) (n.d.). https://msdn.microsoft.com/en-us/library/windows/desktop/aa380123(v=vs.85).aspx
Yadav, T., Rao, A.M.: Technical aspects of cyber kill chain. In: Abawajy, J.H., Mukherjea, S., Thampi, S.M., Ruiz-Martínez, A. (eds.) SSCC 2015. CCIS, vol. 536, pp. 438–452. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-22915-7_40
Koustav, S., Mallari, R.A., Yadav, T.: Cyber attack thread: a control-flow based approach to deconstruct and mitigate cyber threats. In: 2015 International Conference on Computing and Network Communications (CoCoNet), pp. 170–178. IEEE (2015)
Langley, A.: ImperialViolet - early changecipherspec attack. Imperialviolet.org (2014). https://www.imperialviolet.org/2014/06/05/earlyccs.html
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Yadav, T., Sadhukhan, K. (2019). Identification of Bugs and Vulnerabilities in TLS Implementation for Windows Operating System Using State Machine Learning. In: Thampi, S., Madria, S., Wang, G., Rawat, D., Alcaraz Calero, J. (eds) Security in Computing and Communications. SSCC 2018. Communications in Computer and Information Science, vol 969. Springer, Singapore. https://doi.org/10.1007/978-981-13-5826-5_27
Download citation
DOI: https://doi.org/10.1007/978-981-13-5826-5_27
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-13-5825-8
Online ISBN: 978-981-13-5826-5
eBook Packages: Computer ScienceComputer Science (R0)