计算机科学 ›› 2015, Vol. 42 ›› Issue (Z6): 408-412.
张明,许博义,郭艳来
ZHANG Ming, XU Bo-yi and GUO Yan-lai
摘要: SSL/TLS是网络上广泛使用的一个安全协议,它在TCP层和使用TCP的应用程序之间提供安全服务,能保证消息的保密性和完整性。SSL/TLS协议的标准在不断地完善,但是针对SSL/TLS的攻击也在不断地出现。首先对SSL/TLS协议进行了介绍,其次重点分析了各种典型的针对SSL/TLS的攻击。针对SSL/TLS协议的攻击被分为3类:与机制有关的攻击、与实现有关的攻击、与信任模型有关的攻击。在每类攻击下,都给出了几个具体的实例。
[1] Wagner D,Schneier B.Analysis of the SSL 3.0 protocol[C]∥The Second USENIX Workshop on Electronic Commerce Proceedings.1996:29-40 [2] Paulson L C.Inductive analysis of the Internet protocol TLS[J].ACM Transactions on Information and System Security(TISSEC),1999,2(3):332-351 [3] Marlinspike M.New tricks for defeating SSL in practice[J].BlackHat DC,February,2009 [4] Shin D,Lopes R.An empirical study of visual security cues to prevent the SSLstripping attack[C]∥Proceedings of the 27th Annual Computer Security Applications Conference.ACM,2011:287-296 [5] Fairweather D,Shin D.Demo:A Chrome Extension to Preventthe SSLstripping Attack.http://cups.cs.cmu.edu/soups/2012/demo/demo03.pdf [6] Nikiforakis N,Younan Y,Joosen W.HProxy:Client-side detection of SSL stripping attacks[M]∥Detection of Intrusions and Malware,and Vulnerability Assessment.Springer Berlin Heidelberg,2010:200-218 [7] Mavrogiannopoulos N,Vercauteren F,Velichkov V,et al.Across-protocol attack on the TLS protocol[C]∥Proceedings of the 2012 ACM Conference on Computer and Communications Security.ACM,2012:62-72 [8] Jakovljevic A.Exploring cross-protocol attacks on the TLS protocol[J].Katholieke University Leuven,2012,7(2):11-38 [9] Cremers C.Feasibility of multi-protocol attacks[C]∥The First International Conference on Availability,Reliability and Security(ARES 2006).IEEE,2006:8 [10] Rescorla E.Understanding the TLS Renegotiation Attack[J].Educated Guesswork,2009,11(1):13-28 [11] Kurmus A.TLS renegotiation vulnerability(CVE-2009-3555)[J].Common Vulnerabilites & Exposures,2009,35(5):35-55 [12] Zoller T.TLS/SSLv3 renegotiation vulnerability explained[J].α-Secc University of Luxembourg,2011,1(1):7-13 [13] Rescorla E,Ray M,Dispensa S,et al.Transport layer security(TLS) renegotiation indication extension[J].Internet Enginee-ring Task Force(IETF),2010,18(5):3-5 [14] Giesen F,Kohlar F,Stebila D.On the security of TLS renegotiation[C]∥Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security.ACM,2013:387-398 [15] Clark J,van Oorschot P C.SoK:SSL and HTTPS:Revisitingpast challenges and evaluating certificate trust model enhancements[C]∥2013 IEEE Symposium on Security and Privacy(SP).IEEE,2013:511-525 [16] Goldberg I,Wagner D.Randomness and the Netscape browser[J].Dr Dobb’s Journal-Software Tools for the Professional Programmer,1996,21(1):66-71 [17] Bello L,Bertacchini M,Hat B.Predictable PRNG in the vulnerable Debian OpenSSL package:the what and the how[C]∥the 2nd DEF CON Hacking Conference.2008 [18] Ahmad D.Two years of broken crypto:debian's dress rehearsal for a global PKI compromise[J].Security & Privacy,IEEE,2008,6(5):70-73 [19] Yilek S,Rescorla E,Shacham H,et al.When private keys are public:results from the 2008 Debian OpenSSL vulnerability[C]∥Proceedings of the 9th ACM SIGCOMM Conference on Internet Measurement Conference.ACM,2009:15-27 [20] Heninger N,Durumeric Z,Wustrow E,et al.Mining Your Ps and Qs:Detection of Widespread Weak Keys in Network Devices[C]∥USENIX Security Symposium.2012:205-220 [21] Seggelmann R,Tuexen M,Williams M.Transport Layer Security(TLS) and Datagram Transport Layer Security(DTLS) Heartbeat Extension[J].IETF draftietf-tls-dtls-heartbeat-00(June 2010),2012,26(4):1-9 [22] Seggelmann R,Tuexen M,Williams M.Transport Layer Security(TLS) and Datagram Transport Layer Security(DTLS) Heartbeat Extension[J].IETF draftietf-tls-dtls-heartbeat-00(June 2010),2012 [23] Wikipedia.Heartbleed[EB/OL].[2014-6-14].http://en.wikipedia.org/wiki/Heartbleed [24] Durumeric Z,Kasten J,Adrian D,et al.The matter of Heartbleed[C]∥ACM Internet Measurement Conference(IMC).2014 [25] Momani E M H,Hudaib A A Z.Comparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit Detection[J].International Journal of Computer Science and Security(IJCSS),2014,8(4):159 [26] Mpofu T P,Elisa N,Gati N.The Heartbleed Bug:An Open Secure Sockets Layer Vulnerability[J].International Journal of Science and Research(IJSR).2012,9(7064):1470-1473 [27] Ye E,Yuan Y,Smith S.Web spoofing revisited:SSL and beyond[J].Dartmouth Computer Science Technical Report,2002,7(36):1-15 [28] Adelsbach A,Gajek S,Schwenk J.Visual spoofing of SSL protected web sites and effective countermeasures[M]∥Information Security Practice and Experience.Springer Berlin Heidelberg,2005:204-216 [29] Herzberg A,Gbara A.Protecting(even) naive Web users,or:preventing spoofing and establishing credentials of Web sites[J].Bar Ilan University,2004,7(18):1-26 [30] Felten E W,Balfanz D,Dean D,et al.Web spoofing:An internet con game[J].Software World,1997,28(2):6-8 [31] Soghoian C,Stamm S.Certified lies:Detecting and defeatinggovernment interception attacks against ssl(short paper)[M]∥Financial Cryptography and Data Security.Springer Berlin Heidelberg,2012:250-259 [32] Ornaghi A,Valleri M.Man in the middle attacks Demos[EB/OL].[2014-6-14].http://www.smarttech.ie/wp-content/uploads/2013/12/bh-us-03-ornaghi-valleri.pdf [33] Dacosta I,Ahamad M,Traynor P.Trust no one else:Detecting MITM attacks against SSL/TLS without third-parties[M]∥Computer Security-ESORICS 2012.Springer Berlin Heidelberg,2012:199-216 [34] Holz R,Riedmaier T,Kammenhuber N,et al.X.509 Forensics:Detecting and Localising the SSL/TLS Men-in-the-middle[M]∥Computer Security-ESORICS 2012.Springer Berlin Heidelberg,2012:217-234 [35] Alicherry M,Keromytis A D.Doublecheck:Multi-path verification against man-in-the-middle attacks[C]∥IEEE Symposium on Computers and Communications(ISCC 2009).IEEE,2009:557-563 |
No related articles found! |
|