TLS and its main application HTTPS are an essential part of internet security. Since 2011, several attacks against the TLS Record Protocol have been presented. To remediate these flaws, countermeasures have been proposed. They were usually specific to a particular attack, and were sometimes in contradiction with one another. All the proofs of concept targeted HTTPS and relied on the repetition of some secret element inside the TLS tunnel. In the HTTPS context, such secrets are pervasive, be they authentication cookies or anti-CSRF tokens. We present a comprehensive state of the art of attacks on the Record Protocol and the associated proposed countermeasures. In parallel to the community efforts to find reliable long term solutions, we propose masking mechanisms to avoid the repetition of sensitive elements, at the transport or application level. We also assess the feasibility and efficiency of such defense-in-depth mechanisms. The recent POODLE vulnerability confirmed that our proposals could thwart unknown attacks, since they would have blocked it.
Publié dans les actes Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security (pages 225 à 236)
Présenté lors de la conférence ASIA CCS à Singapore en avril 2015BibTeX Document Présentation