A Modular and Extensible Framework for Securing TLS

A Modular and Extensible Framework for Securing TLS

연구 분야: Verification

학회: CODASPY '22: Proceedings of the Twelfth ACM Conference on Data and Application Security and Privacy

While being both extremely powerful and popular, TLS is a protocol that is hard to securely deploy. On the one hand, system administrators are required to grasp several security concepts to fully understand the impact of each option and avoid misconfigurations. On the other hand, app developers should use cryptographic libraries in a secure way avoiding dangerous default settings or other subtleties (e.g., padding or modes of operations). To help secure TLS, we propose a modular framework, extensible with new features and capable of streamlining the mitigation process of known and newly discovered TLS attacks even for non-expert users.