Security analysis of TLS authentication
| Autor: | Muzzammil Hussain, Aditya Kaushal Ranjan, Vijay Kumar |
|---|---|
| Rok vydání: | 2014 |
| Předmět: |
Authentication
Security analysis Cryptographic primitive Computer science business.industry ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS Cryptography Man-in-the-middle attack Cryptographic protocol Computer security computer.software_genre Authentication protocol business computer Vulnerability (computing) |
| Zdroj: | 2014 International Conference on Contemporary Computing and Informatics (IC3I). |
| DOI: | 10.1109/ic3i.2014.7019737 |
| Popis: | TLS is the cryptographic protocol used in the internet. It consists of set of protocols which are used for negotiation of cryptographic parameters, encryption-decryption and reporting errors during the process. Security Analysis of any cryptographic protocol is very much needed to discover vulnerability and to evaluate its security properties. First we theoretically analysed the protocol using automated tool scyther and draw important conclusion. After that we have performed one real time experiment to identify the loopholes with TLS authentication. We gathered the data and prepared the record of it then we have analysed the reasons behind it and suggested some generic countermeasures to handle them. In this paper we intend to find out the loopholes of TLS and found that certificate forging could be considered as a loophole of TLS security mechanism and discovered its cause and proposed the countermeasures. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|