Use this URL to cite or link to this record in EThOS: https://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.792202
Title: On the design and implementation of secure network protocols
Author: AlFardan, Nadhem J.
ISNI: 0000 0004 8497 7766
Awarding Body: Royal Holloway, University of London
Current Institution: Royal Holloway, University of London
Date of Award: 2014
Abstract:
Network protocols are critical to the operation of the Internet and hence the security of these protocols is paramount. Our work covers the security of three widely deployed protocols: Domain Name System (DNS), Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS). Our work shows that the design or implementation of some variants of these protocols is vulnerable to attacks that compromise their fundamental security features. In all of the cases we include experimental results demonstrating the feasibility of our attacks in realistic network environments. We propose a number of countermeasures for the attacks, some of which have already been implemented in practice. We start by describing the structure of DNS and present a number of existing DNS security protocols. We then focus on DepenDNS, a security protocol that is intended to protect DNS clients against cache poisoning attacks. We demonstrate that DepenDNS suffers from operational deficiencies, and is vulnerable to cache poisoning and denial of service attacks. We then give an overview of Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS), and draw the similarities and differences between the two protocols. We describe the padding oracle concept and present a number of recent attacks against TLS. We then present new techniques to conduct a full plaintext recovery attack against the OpenSSL implementation of DTLS, and a partial plaintext recovery attack against the GnuTLS implementation of TLS and DTLS. Our attacks exploit timing-based side channels that would not have been exploitable without our new techniques. We also describe countermeasures for the attacks. We then present new distinguishing and plaintext recovery attacks against all versions of TLS and DTLS and in almost all implementations of the two protocols. Our attacks are based on timing-based side channels and exploit TLS and DTLS design and implementation decisions. We describe how to conduct a full plaintext recovery attack against implementations that follow the standard, and a partial plaintext recovery attack against implementations that do not. We discuss a number of countermeasures for the attacks, and describe their practicality and effectiveness. We conclude the thesis by discussing the wider implications of our work on the design and implementation of secure network protocols.
Supervisor: Not available
Sponsor: Not available
Qualification Name: Thesis (Ph.D.)
Qualification Level: Doctoral
EThOS ID: uk.bl.ethos.792202
DOI: Not available
Keywords: TLS ; SSL ; Cryptanalysis ; Attacks ; Network ; Protocols ; side-channel ; timing ; DTLS ; DNS ; DepenDNS ; Lucky13 ; PRF ; block cipher