SoK: Lessons Learned From SSL/TLS Attacks

Christopher Meyer, Jörg Schwenk

In Proceedings of "The 14th International Workshop on Information Security Applications (WISA2013)"


Since its introduction in 1994 the Secure Socket Layer (SSL) protocol (later renamed to Transport Layer Security (TLS)) evolved to the de facto standard for securing the transport layer. SSL/TLS can be used for ensuring data con dentiality, integrity and authenticity during transport. A main feature of the protocol is exibility: Modes of operation and security aims can easily be con gured through di erent cipher suites. However, during the evolutionary development several flaws were found. This paper presents an overview on theoretical and practical attacks of the last 17 years, in chronological order and four categories:

System Message: ERROR/3 (<string>, line 3)

Unexpected indentation.
  • Attacks on the Handshake protocol,
  • on the Record and Application Data Protocols,
  • on the PKI infrastructure and
  • various other attacks.

We try to give a short "Lesson(s) Learned" at the end of each paragraph.

[Paper] [Slides]