[SSL Observatory] Brainstorming attacks on ssl
Tom Ritter
tom at ritter.vg
Thu Nov 14 04:36:45 PST 2013
Some things that come to mind, not all of which are actually attacks:
- Low-Exponent DH surveys, with followup and investigation to try and
determine what software is used and supports/doesn't support it. (See
also http://permalink.gmane.org/gmane.comp.encryption.general/16172 )
- Open Source Protocol Incompatibility survey tool (or extend sslyze)
to test for servers that don't support parts of TLS, e.g. ClientHello
> 255, > 512, TLS 1.1+, Extensions, etc.
- Timing and Cache Attacks (and the resulting constant-time fixes)
for AES-GCM implementations
- "Unsafe Defaults: A Survey of SSL Implementations, and Default
Options That Are Just Wrong" - stuff like how openssl defaults to 1024
bits, I believe it uses insecure ciphers by default, etc
-tom
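As an added illustration of the second item (a survey tool for servers that choke on large ClientHello messages, newer versions or extensions), here is a small ClientHello builder and response classifier. It is not code from the post or from sslyze; the padding extension (type 21, RFC 7685) is used to bring a hello to an exact byte length so the same handshake can be sent at, say, 200, 300 and 600 bytes and the replies compared. The hostname and the response bytes in the usage are constructed, not captured from any server.

```python
"""
TLS ClientHello size / version probe helper (added example).

build_client_hello() produces a complete TLS record whose total length can
be pinned with a padding extension; classify_response() turns the first
bytes a server sends back into a short label (ServerHello with version,
Alert with level/description, nothing, or not TLS).  probe() ties the two
together over a socket; the offline functions are the ones exercised here.
"""
import os
import socket
import struct

# legacy_version values as they appear on the wire
TLS_VERSIONS = {"TLS1.0": 0x0301, "TLS1.1": 0x0302, "TLS1.2": 0x0303}
EXT_SNI = 0x0000
EXT_PADDING = 0x0015  # RFC 7685 padding extension
# A few widely deployed suites (IANA code points); enough for a compatibility probe.
CIPHER_SUITES = [0xC02F, 0xC030, 0xC02B, 0xC02C, 0x009C, 0x009D, 0x002F, 0x0035]


def _ext(ext_type, body):
    return struct.pack("!HH", ext_type, len(body)) + body


def sni_extension(hostname):
    name = hostname.encode("idna")
    entry = b"\x00" + struct.pack("!H", len(name)) + name  # name_type 0 = host_name
    return _ext(EXT_SNI, struct.pack("!H", len(entry)) + entry)


def build_client_hello(hostname, version="TLS1.2", target_len=None,
                       extensions=True, random_bytes=None):
    """Return one TLS record carrying a ClientHello.

    target_len: total record length on the wire; the gap is filled with a
    padding extension (raises ValueError if the hello cannot fit).
    extensions=False omits the extension block entirely (SSLv3/TLS1.0 style).
    """
    ver = TLS_VERSIONS[version]
    rnd = random_bytes if random_bytes is not None else os.urandom(32)
    if len(rnd) != 32:
        raise ValueError("client random must be 32 bytes")
    suites = b"".join(struct.pack("!H", s) for s in CIPHER_SUITES)
    body = struct.pack("!H", ver) + rnd
    body += b"\x00"                                    # empty session id
    body += struct.pack("!H", len(suites)) + suites
    body += b"\x01\x00"                                # compression: null only
    ext_block = sni_extension(hostname) if extensions else b""
    if target_len is not None:
        # record header (5) + handshake header (4) + body + 2-byte ext length + ext_block
        fixed = 5 + 4 + len(body) + 2 + len(ext_block)
        pad_needed = target_len - fixed
        if pad_needed < 4:                             # padding ext header alone is 4 bytes
            raise ValueError("target_len too small for this hello")
        ext_block += _ext(EXT_PADDING, b"\x00" * (pad_needed - 4))
        extensions = True
    if extensions:
        body += struct.pack("!H", len(ext_block)) + ext_block
    handshake = b"\x01" + struct.pack("!I", len(body))[1:] + body   # type 1 = ClientHello
    # Record-layer version stays 0x0301 as most clients do; legacy_version carries the offer.
    return b"\x16" + struct.pack("!H", 0x0301) + struct.pack("!H", len(handshake)) + handshake


def classify_response(data):
    """Label the first TLS record in a server's reply."""
    if not data:
        return "no_data"
    if len(data) < 5 or data[1] != 0x03:
        return "not_tls"
    ctype, rlen = data[0], struct.unpack("!H", data[3:5])[0]
    payload = data[5:5 + rlen]
    if ctype == 0x15 and len(payload) >= 2:            # Alert: level, description
        return "alert:%d:%d" % (payload[0], payload[1])
    if ctype == 0x16 and len(payload) >= 6 and payload[0] == 0x02:   # ServerHello
        ver = struct.unpack("!H", payload[4:6])[0]
        names = {v: k for k, v in TLS_VERSIONS.items()}
        return "server_hello:" + names.get(ver, hex(ver))
    return "other:%d" % ctype


def probe(hostname, port=443, timeout=5.0, **hello_kwargs):
    """Send one hello and classify the reply; a timeout is itself a finding."""
    hello = build_client_hello(hostname, **hello_kwargs)
    try:
        with socket.create_connection((hostname, port), timeout=timeout) as s:
            s.sendall(hello)
            return classify_response(s.recv(4096))
    except socket.timeout:
        return "timeout"
    except OSError as exc:
        return "error:%s" % exc


if __name__ == "__main__":
    # Offline demonstration on constructed data (no network access).
    hello = build_client_hello("example.test", target_len=300)
    print(len(hello), hello[:5].hex())                  # 300 16030101 27
    print(classify_response(b"\x15\x03\x03\x00\x02\x02\x28"))   # alert:2:40 (handshake_failure)
```

In a survey run, the same host would be probed with `target_len` of 200, 300 and 600, with each version in `TLS_VERSIONS`, and with `extensions=False`; a host that answers the small hello but times out on the 300-byte one, or that answers TLS 1.0 but alerts on TLS 1.2, is recorded as intolerant of that feature.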