Security analysis of TLS implementations based on state machine learning algorithm

Cited by: 1
Authors
Bi X. [1 ]
Tang C. [1 ]
Affiliation
[1] College of Electronic Science, National University of Defense Technology, Changsha
Source
2018 / Volume: Chinese Institute of Electronics / Issue: 40
Keywords
Finite state machine; Security protocol analysis; Transport layer security (TLS)
DOI
10.3969/j.issn.1001-506X.2018.12.27
Abstract
A finite state machine learning algorithm can extract the state machine model of a transport layer security (TLS) implementation so that its security can be analyzed. A current problem in state machine learning is that the learning time increases exponentially as the number of states in the target system increases. An improved state machine learning algorithm is proposed that uses the TLS implementations' specific sockets to reduce the test sequences required. It is combined with the checkpoint algorithm to construct a trie (i.e., prefix tree) of the test sequences, which simplifies the procedure for running them. The test results show that the proposed method greatly reduces the number of equivalence queries generated during state machine learning and therefore accelerates the learning process. In addition, an abnormal state in the learned state machine model is analyzed and a logic flaw in OpenSSL is found, which shows that the learned model is effective. © 2018, Editorial Office of Systems Engineering and Electronics. All rights reserved.
Pages: 2810-2815
Page count: 5