Vulnerability-Tolerant Transport Layer Security

SSL/TLS communication channels play a very important role in Internet security, including cloud computing and server infrastructures. There are often concerns about the strength of the encryption mechanisms used in TLS channels. Newly discovered vulnerabilities can cause cipher suites once thought to be secure to become insecure, no longer recommended for use, or in urgent need of a software update. However, the deprecation/update process is very slow: weeks or months can go by before most web servers and clients are protected, and some servers and clients may never be updated. In the meantime, the communications are at risk of being intercepted and tampered with by attackers. In this paper we propose an alternative to TLS that mitigates the problem of secure communication channels being susceptible to attacks due to unexpected vulnerabilities in the mechanisms they use. Our solution, called Vulnerability-Tolerant Transport Layer Security (vtTLS), is based on diversity and redundancy of cryptographic mechanisms and certificates to ensure secure communication even when one or more mechanisms are vulnerable. It relies on a combination of k cipher suites, which ensures that even if k − 1 of them are insecure or vulnerable, the remaining cipher suite keeps the communication channel secure. The performance and cost of vtTLS were evaluated and compared with OpenSSL, one of the most widely used implementations of TLS.

1998 ACM Subject Classification: C.2.2 Network Protocols; D.4.6 Security and Protection
