Re: TLS implementation test

From: Ariel Waissbein (ariel.waissbein@coresecurity.com)
Date: Tue Oct 24 2006 - 17:19:02 EDT

• Next message: Joseph McCray: "Security Skills Assessment (Comments Requested)"
• Previous message: xelerated: "Password audits"
• In reply to: Julien: "TLS implementation test"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi,

I add a few bullets to the list.

you should also check the handshake. Are the DES, RC4 or no-encryption
options enabled? What are the defaults?

If clients and server are fixed, or added in a controlled way, you may
want to add the requirement of mutual authentication!

What about random number generation? Can one force the server to reuse
symmetric keys? Are there any race conditions in the implementation?

On the other hand, if the crypto has been implemented from scratch, then
you might want to check it for binary vulnerabilities. Else, if you
match this crypto with a known library, do check if there are any
reported bugs for this library.

Cheers,
Ariel

Julien wrote:
> Hi,
>
> This is my first post on this list :)
> I have to test TLS implementation on our product. Ths goal is not to
> discover a threat in TLS but to find threat in our implementation.
> In my test I'll do :
> - MitM
> - Replay attack (I think it will not be possible because of TLS
> timestamps )
> - Dos
> - Sniffing (to check that all communications are encrypted)
>
> What other tests could be done ?
>
>
> Thanks
>
>
> Julien
>
> PS : Sorry for my english ...
>
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Need to secure your web apps?
> Cenzic Hailstorm finds vulnerabilities fast.
> Click the link to buy it, try it or download Hailstorm for FREE.
> http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
>
> ------------------------------------------------------------------------
>

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

• Next message: Joseph McCray: "Security Skills Assessment (Comments Requested)"
• Previous message: xelerated: "Password audits"
• In reply to: Julien: "TLS implementation test"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:14 EDT