Achtung:

Sie haben Javascript deaktiviert!
Sie haben versucht eine Funktion zu nutzen, die nur mit Javascript möglich ist. Um sämtliche Funktionalitäten unserer Internetseite zu nutzen, aktivieren Sie bitte Javascript in Ihrem Browser.

Info-Icon This content is not available in English
Studierende in den Seminarräumen des O-Gebäudes, Foto: Universität Paderborn, Fotografin: Judith Kraft Show image information

Studierende in den Seminarräumen des O-Gebäudes, Foto: Universität Paderborn, Fotografin: Judith Kraft

Blackbox evaluation of randomness in TLS

The TLS protocol uses random numbers on different places: generation of keys, initialization vectors, or ClientHello/ServerHello randoms. The TLS implementation has to guarantee that random numbers are always fresh and cannot be predicted. Otherwise, it can have severe consequences on the security of the TLS connections.

The goal of this master thesis is to analyze TLS servers in the wild, collect the used random numbers, and analyze their security. The implementation will rely on our Java-based TLS-Attacker framework, which allows to create flexible TLS handshakes and extract relevant implementation information. The scan will be provided by our TLS-Scanner.

References:


Requirements:

  • Good Java programming skills
  • Good knowledge of TLS
  • Interest in the development of new attacks
Further information:

The University for the Information Society