SSLINT: A Tool for Detecting TLS Certificate Validation Vulnerabilities
نویسندگان
چکیده
Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols have become the security backbone of the Web and Internet today. Many systems including mobile and desktop applications are protected by SSL/TLS protocols against network attacks. However, many vulnerabilities caused by incorrect use of SSL/TLS APIs have been uncovered in recent years. Such vulnerabilities, many of which are caused due to poor API design and inexperience of application developers, often lead to confidential data leakage or man-in-the-middle attacks. In this paper, to guarantee code quality and logic correctness of SSL/TLS applications, we design and implement SSLINT, a scalable, automated, static analysis system for detecting incorrect use of SSL/TLS APIs. SSLINT is capable of performing automatic logic verification with high efficiency and good accuracy. To demonstrate it, we apply SSLINT to one of the most popular Linux distributions – Ubuntu. We find 29 previously unknown SSL/TLS vulnerabilities in Ubuntu applications, most of which are also distributed with other Linux distributions.
منابع مشابه
Virtual Host Confusion: Weaknesses and Exploits
Transport Layer Security (TLS) is commonly used to provide server-authenticated secure channels for HTTPS web applications. From the viewpoint of the client, however, the server authentication guarantees of HTTPS are frequently misconstrued to identify a single HTTPS endpoint or origin whereas, in practice, the HTTPS server may be serving any one of a large set of origins. This issue is even mo...
متن کاملSMV-Hunter: Large Scale, Automated Detection of SSL/TLS Man-in-the-Middle Vulnerabilities in Android Apps
Many Android apps use SSL/TLS to transmit sensitive information securely. However, developers often provide their own implementation of the standard SSL/TLS certificate validation process. Unfortunately, many such custom implementations have subtle bugs, have built-in exceptions for self-signed certificates, or blindly assert all certificates are valid, leaving many Android apps vulnerable to S...
متن کاملDetecting Malignant TLS Servers Using Machine Learning Techniques
TLS uses X.509 certificates for server authentication. A X.509 certificate is a complex document and various innocent errors may occur while creating/ using it. Also, many certificates belong to malicious websites and should be rejected by the client and those web servers should not be visited. Usually, when a client finds a certificate that is doubtful using the traditional tests, it asks for ...
متن کاملThe Case for Prefetching and Prevalidating TLS Server Certificates
A key bottleneck in a full TLS handshake is the need to fetch and validate the server certificate before establishing a secure connection. We propose a mechanism by which a browser can prefetch and prevalidate server certificates so that by the time the user clicks on an HTTPS link, the server’s certificate is immediately ready to be used. Combining this with a recent proposal called Snap Start...
متن کاملTrust No One Else: Detecting MITM Attacks against SSL/TLS without Third-Parties
The security guarantees provided by SSL/TLS depend on the correct authentication of servers through certificates signed by a trusted authority. However, as recent incidents have demonstrated, trust in these authorities is not well placed. Increasingly, certificate authorities (by coercion or compromise) have been creating forged certificates for a range of adversaries, allowing seemingly secure...
متن کامل