Thesis Details

Detection of Timing Side-Channels in TLS

Master's Thesis Student: Koscielniak Jan Academic Year: 2019/2020 Supervisor: Vojnar Tomáš, prof. Ing., Ph.D.
Czech title
Detekce časových postranních kanálů v TLS
Language
English
Abstract

The TLS protocol is complex and widely used, which necessitates thorough testing, as there are many devices relying on it for secure communication. This thesis focuses on timing side-channel vulnerabilities, which seem to come back every few years in different variations of the same attacks. It aims to help correctly fix those vulnerabilities and prevent the creation of new ones by providing an automated side-channel testing framework that is integrated into the tlsfuzzer tool, and by expanding its test suite with test scripts for known attacks that exploit timing side-channels. The extension utilizes tcpdump for collecting the timing information and statistical tests and supporting plots to make a decision. The extension and the new test scripts were evaluated and shown to be accurate at spotting side-channels. Both the extension and the test scripts are now a part of the tlsfuzzer tool.

Keywords

TLS, fuzzing, tlsfuzzer, side-channels, timing side-channel, testing, Lucky 13, Bleichenbacher's attack

Department
Degree Programme
Information Technology, Field of Study Information Technology Security
Files
Status
defended, grade B
Date
15 July 2020
Reviewer
Committee
Drahanský Martin, prof. Ing., Dipl.-Ing., Ph.D. (DITS FIT BUT), předseda
Lengál Ondřej, Ing., Ph.D. (DITS FIT BUT), člen
Malinka Kamil, Mgr., Ph.D. (DITS FIT BUT), člen
Orság Filip, Ing., Ph.D. (DITS FIT BUT), člen
Rogalewicz Adam, doc. Mgr., Ph.D. (DITS FIT BUT), člen
Veselý Vladimír, Ing., Ph.D. (DIFS FIT BUT), člen
Citation
KOSCIELNIAK, Jan. Detection of Timing Side-Channels in TLS. Brno, 2020. Master's Thesis. Brno University of Technology, Faculty of Information Technology. 2020-07-15. Supervised by Vojnar Tomáš. Available from: https://www.fit.vut.cz/study/thesis/23189/
BibTeX
@mastersthesis{FITMT23189,
    author = "Jan Koscielniak",
    type = "Master's thesis",
    title = "Detection of Timing Side-Channels in TLS",
    school = "Brno University of Technology, Faculty of Information Technology",
    year = 2020,
    location = "Brno, CZ",
    language = "english",
    url = "https://www.fit.vut.cz/study/thesis/23189/"
}
Back to top