The goal of this project is to create a labor for playing with TLS attacks.
The project shall be built on top of our TLS-Attacker. TLS-Attacker (and TLS-Scanner) allow you to easily evaluate the properties of any TLS server. Based on the results, you can learn a lot about the implementation properties, server configuration, and specific bugs. Unfortunately, there are no comprehensive websites educating developers about the attacks and their impact (as it is, for example, in the area of web security).
While having some background on TLS and security would be nice (e.g., by visiting our RWC lecture), it is not necessary. For the project group we are searching different candidates bringing different perspectives to the team, for example:
- web development
- java and docker
- education skills
We select our participants through personal interviews. You can find more information in jupyter.
For more information about the project, see also our project presentation.