Security Testing of Embedded TLS Implementations

Loading...
Thumbnail Image

URL

Journal Title

Journal ISSN

Volume Title

Perustieteiden korkeakoulu | Master's thesis

Date

2022-08-22

Department

Major/Subject

Security and Cloud Computing

Mcode

SCI3113

Degree programme

Master’s Programme in Security and Cloud Computing (SECCLO)

Language

en

Pages

99

Series

Abstract

The Transport Layer Security (TLS) protocol is by far the most popular cryptographic protocol used to secure data being exchanged on the Internet. The latest version, TLS 1.3, provides a set of security properties on top of what was already included in previous versions, such as channel binding, downgrade protection, and non-replayability, along with improved performance and exclusion of less secure algorithms that were used before. However, vulnerabilities are constantly found and reported in implementations of TLS, especially those developed specifically for embedded devices, as they require code optimizations that sometimes leave necessary checks out of the picture, giving rise to security flaws. To improve the quality and security of these embedded implementations, it is recommended to apply software testing throughout the development process. Fuzz testing, or simply fuzzing, is an effective testing technique that has been successfully used in the past to find bugs and vulnerabilities in different kinds of applications. In fuzzing tests, semi-valid test cases are generated randomly either by modifying valid seeds or by following a specification or model and fed as input to the target program, while monitoring its behavior. Unfortunately, most existing fuzzing tools are focused on file-based or standard input applications, and they are not very effective for testing cryptographic protocols where input messages are subject to integrity checks and need to be encrypted and decrypted constantly. Additionally, to the best of our knowledge, there is a lack of a comprehensive tool or set of guidelines that specify how to test embedded TLS implementations. In this thesis, we develop a testing framework that can be used to measure the security of embedded TLS implementations by combining fuzzing techniques with hand-crafted test cases. We then use this framework to test HTLS, a TLS library developed by Huawei.

Description

Supervisor

Ekberg, Jan Erik

Thesis advisor

Niemi, Arto

Keywords

security testing, vulnerability analysis, fuzzing, embedded systems

Other note

Citation