Abstract:
TLS is the most widely used protocol for establishing a secure connection over an insecure channel such as the internet. The protocol has to be implemented by both communicating parties. However, experience has shown that implementing TLS correctly and securely is challenging. Recent vulnerabilities in TLS implementations range from cryptographic mistakes [3] and state machine bugs [7] to common implementation mistakes such as buffer overflows and overreads [2]. Thus, implementations need to be tested for weaknesses. Previous work focused on evaluating the security of servers. Two frameworks used for this are TLS-Attacker and TLS-Scanner. TLS-Attacker implements the TLS stack and allows the exchanged messages to be modified easily. TLS-Scanner automatically scans servers for vulnerabilities.
In this work, we implemented a framework to evaluate client implementations using TLS-Attacker and concepts from TLS-Scanner. Due to its extensible design, it allows researchers to prototype and implement new attacks. We used our framework to evaluate curl with different TLS libraries. Our evaluation uncovered security and compatibility issues in major TLS libraries, including Schannel, BoringSSL, GnuTLS, LibreSSL, and NSS.
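The first thing a client-evaluation server like the one described above receives is the client's ClientHello, and the abstract's mention of buffer overreads is a reminder that even the test harness must parse that message defensively. The following is an added illustration, not code from this thesis, TLS-Attacker or TLS-Scanner: a bounds-checked ClientHello parser in which every read goes through one cursor that refuses to run past the end of the data, so a truncated or mis-sized message raises a ValueError instead of being read out of bounds. The sample message is constructed inline (the cipher suite values, the server name "example.com" and the fixed random bytes are arbitrary choices for the example).

```python
import struct

# Added example (not from the thesis, TLS-Attacker or TLS-Scanner): a bounds-checked
# parser for the TLS ClientHello a client under test sends to an evaluation server.
# All reads go through Reader.take(), so a truncated or mis-sized message raises
# ValueError rather than being read past its end.


class Reader:
    """Cursor over an immutable byte string; refuses to read past the end."""

    def __init__(self, data: bytes):
        self.data, self.pos = data, 0

    def take(self, n: int) -> bytes:
        if n < 0 or self.pos + n > len(self.data):
            raise ValueError(f"truncated: need {n} bytes at offset {self.pos}, "
                             f"have {len(self.data) - self.pos}")
        chunk = self.data[self.pos:self.pos + n]
        self.pos += n
        return chunk

    def uint(self, width: int) -> int:
        return int.from_bytes(self.take(width), "big")

    def vector(self, length_width: int) -> bytes:
        """Length-prefixed opaque vector, the building block of TLS wire formats."""
        return self.take(self.uint(length_width))

    def remaining(self) -> int:
        return len(self.data) - self.pos


def parse_client_hello(record: bytes) -> dict:
    """Parse one TLS record carrying a ClientHello; raise ValueError on any size mismatch."""
    r = Reader(record)
    if r.uint(1) != 0x16:
        raise ValueError("not a handshake record")
    record_version = (r.uint(1), r.uint(1))
    body = r.vector(2)                          # record length must match what was received
    if r.remaining():
        raise ValueError("trailing bytes after record")
    h = Reader(body)
    if h.uint(1) != 0x01:
        raise ValueError("not a ClientHello")
    hello = Reader(h.vector(3))                 # 24-bit handshake length
    if h.remaining():
        raise ValueError("trailing bytes after handshake message")
    info = {
        "record_version": record_version,
        "client_version": (hello.uint(1), hello.uint(1)),
        "random": hello.take(32),
        "session_id": hello.vector(1),
    }
    suites = hello.vector(2)
    if len(suites) % 2:
        raise ValueError("odd cipher_suites length")
    info["cipher_suites"] = [int.from_bytes(suites[i:i + 2], "big")
                             for i in range(0, len(suites), 2)]
    info["compression"] = list(hello.vector(1))
    info["sni"], info["extension_types"] = None, []
    if hello.remaining():                       # extensions block is optional
        ext = Reader(hello.vector(2))
        while ext.remaining():
            ext_type, ext_data = ext.uint(2), ext.vector(2)
            info["extension_types"].append(ext_type)
            if ext_type == 0:                   # server_name extension
                names = Reader(Reader(ext_data).vector(2))
                if names.uint(1) == 0:          # name_type host_name
                    info["sni"] = names.vector(2).decode("ascii")
    if hello.remaining():
        raise ValueError("trailing bytes after extensions")
    return info


def build_client_hello(cipher_suites, sni: str) -> bytes:
    """Constructed sample ClientHello for offline use; not captured from a real client."""
    name = sni.encode("ascii")
    sni_body = struct.pack("!HBH", len(name) + 3, 0, len(name)) + name
    extensions = struct.pack("!HH", 0, len(sni_body)) + sni_body
    suites = b"".join(struct.pack("!H", s) for s in cipher_suites)
    body = (b"\x03\x03" + bytes(range(32)) + b"\x00"        # version, fixed random, empty session id
            + struct.pack("!H", len(suites)) + suites
            + b"\x01\x00"                                   # one compression method: null
            + struct.pack("!H", len(extensions)) + extensions)
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake


if __name__ == "__main__":
    sample = build_client_hello([0xC02F, 0x1301], "example.com")
    print(parse_client_hello(sample))
    try:
        parse_client_hello(sample[:-5])         # record length field no longer matches
    except ValueError as err:
        print("rejected:", err)
```

The same cursor discipline extends to the ServerHello, certificate and key-exchange messages a harness has to generate or inspect; what matters is that every length field is checked against the bytes actually present before it is trusted.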