UPB Bildmarke
System Security
Contact
  • Deutsch
  • English
  • Kontakt
  • Team
  • Open Positions
  • Research
  • Teaching
  • Theses
    • Open Page "Faculty"
    • Department of Mathematics
    • Department of Computer Science
    • Department of Electrical Engineering
    • Faculty for Electrical Engineering, Computer Science, and Mathematics
  1. Faculty of Computer Science, Electrical Engineering and Mathematics
  2. Institute of Computer Science
  3. System Security
  4. Teaching
  5. Theses

BA: Ex­tend­ing TLS-At­tack­er with new fea­tures and at­tacks

30.04.2024

Share post on:

  • Share on Instagram
  • Teilen auf Twitter
  • Teilen auf Facebook
  • Teilen auf Xing
  • Teilen auf LinkedIn
  • Teilen über E-Mail
  • Link kopieren

TLS-Attacker is a Java-based framework for analyzing TLS libraries. It is able to send arbitrary protocol messages in an arbitrary order to the TLS peer, and define their modifications using a provided interface. This gives the developer an opportunity to easily define a custom TLS protocol flow and test it against his TLS library.

In cooperation with the Ruhr University Bochum, we are constantly extending this library and provide new TLS evaluation features or implement new attacks. Once these features are added, their prevalence is evaluated in the TLS ecosystem using our TLS-Scanner.

These are just a few examples of topics we are currently offering:

  • OCSP Scaning
  • SSL labs scoring system integration
  • Evaluation of TLS server configuration compatibility to different standards (e.g., FIPS or BSI TR-02102-2)

References:

  • https://github.com/RUB-NDS/TLS-Attacker
  • https://github.com/RUB-NDS/TLS-scanner
  • https://www.ssllabs.com/ssltest/
  • https://www.bsi.bund.de/DE/Publikationen/TechnischeRichtlinien/tr02102/index_htm.html


Requirements:

  • Good Java programming skills
  • Knowledge of TLS
  • Interest in the development of new attacks

Contact

business-card image

Prof. Dr.-Ing. Juraj Somorovsky

System Security

Write email +49 5251 60-6690
More about the person

System Security

Warburger Str. 100
33098 Paderborn
Germany

Universität Paderborn

Warburger Str. 100
33098 Paderborn
Germany

Phone University

+49 5251 60-0
Legal notice
  • Imprint
  • Data privacy
  • Whistleblower system
Social networks