
The SSL Security Research And Implementation

Posted on: 2016-03-06
Degree: Master
Type: Thesis
Country: China
Candidate: R J She
Full Text: PDF
GTID: 2348330488972848
Subject: Circuits and Systems
Abstract/Summary:
With the rapid development of e-commerce and the frequent occurrence of security incidents, network security has become a topic of wide public concern. The SSL protocol protects data security. Although data transmitted under the SSL protocol is more difficult to crack, design and implementation flaws in the SSL protocol cause many vulnerabilities, and the impact of these vulnerabilities is serious. Therefore, research on SSL vulnerabilities has become a hot issue in information security.

Firstly, starting from a study of the SSL protocol, the paper describes the structure of the SSL protocol. The SSL protocol includes the record protocol, the handshake protocol, the change cipher spec protocol, the alert protocol, the application data protocol and the heartbeat protocol. Since many vulnerabilities concern the handshake, the SSL handshake message types are described in detail. Secondly, the paper analyses when the three keys are obtained and which roles they play. The three keys are the pre-master key, the master key and the session key. Finally, it presents the session resumption and session renegotiation mechanisms.

Subsequently, the SSL vulnerabilities of recent years are classified and described in detail. The SSL vulnerabilities can be categorized along three dimensions: flaws in SSL/TLS protocol logic, cryptographic design flaws and implementation errors. The TLS Renegotiation Denial of Service is a flaw in SSL/TLS protocol logic. The vulnerability reduces server performance through repeated use of the session renegotiation mechanism. The padding rule in CBC encryption, together with the MAC in the SSLv3 protocol verifying only the last byte of the padding block, leads to the Padding Oracle vulnerability. The known initialization vector in the SSLv3 protocol causes the BEAST vulnerability. Both the Padding Oracle vulnerability and the BEAST vulnerability are cryptographic design flaws. The Heartbleed vulnerability is described under implementation flaws, and it results from OpenSSL paying too little attention to boundary checking. On the basis of these vulnerabilities, SSL protocol security testing items are proposed, which include cipher suite testing, renegotiation testing, Heartbleed testing and certificate validity testing.

Based on the analysis of the vulnerabilities, the Padding Oracle attack, the BEAST attack, the TLS Renegotiation DoS attack, the Heartbleed attack and the SSL testing system are implemented. For each type of attack, a brief introduction is presented first. Since the Padding Oracle attack and the BEAST attack are man-in-the-middle attacks, the client, the server and the attacker are all included in the attack script. The attack script helps us understand the responsibilities of each role and what the attacker actually does in the real world. For the TLS Renegotiation DoS attack and the Heartbleed attack, simply running the attack scripts can obtain information from the vulnerable HTTPS server. According to the analysis of the vulnerabilities, the SSL testing items are proposed and the testing process is given. Finally, the attack scripts and the testing system are run in a local simulation environment, and the results are presented.
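The boundary check whose absence the abstract names as the cause of Heartbleed, shown as an added example (not code from the thesis or from OpenSSL): a heartbeat request handler using the RFC 6520 message layout that discards any request whose claimed payload length exceeds the bytes actually received. The function names and the two sample records are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define HB_REQUEST  1
#define HB_RESPONSE 2
#define HB_HDR_LEN  3   /* type (1 byte) + payload_length (2 bytes) */
#define HB_MIN_PAD  16  /* RFC 6520 minimum padding length */

/* Constructed samples: a well-formed request ("hi" + 16 padding bytes) and a
 * request claiming 0x4000 payload bytes while carrying only padding. */
static const unsigned char hb_good[] = {1, 0, 2, 'h', 'i', 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0};
static const unsigned char hb_overclaim[] = {1, 0x40, 0x00, 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0};
static unsigned char hb_out[64];

/* Returns the payload length that may safely be echoed, or -1 if the
 * message must be discarded. rec_len is the length actually received. */
long hb_checked_payload_len(const unsigned char *rec, size_t rec_len)
{
    size_t claimed;
    if (rec_len < HB_HDR_LEN + HB_MIN_PAD)
        return -1;                      /* cannot hold header plus padding */
    if (rec[0] != HB_REQUEST)
        return -1;
    claimed = ((size_t)rec[1] << 8) | rec[2];
    if (HB_HDR_LEN + claimed + HB_MIN_PAD > rec_len)
        return -1;                      /* claimed length exceeds the record */
    return (long)claimed;
}

/* Builds the response in out; returns bytes written, or 0 on discard.
 * Padding is zeroed here for brevity (RFC 6520 calls for random padding). */
size_t hb_build_response(const unsigned char *rec, size_t rec_len,
                         unsigned char *out, size_t out_cap)
{
    long n = hb_checked_payload_len(rec, rec_len);
    size_t total = HB_HDR_LEN + (size_t)(n < 0 ? 0 : n) + HB_MIN_PAD;
    if (n < 0 || total > out_cap) return 0;
    out[0] = HB_RESPONSE; out[1] = rec[1]; out[2] = rec[2];
    memcpy(out + HB_HDR_LEN, rec + HB_HDR_LEN, (size_t)n);  /* copy only validated bytes */
    memset(out + HB_HDR_LEN + n, 0, HB_MIN_PAD);
    return total;
}

int main(void) {
    printf("good: %zu bytes\n", hb_build_response(hb_good, sizeof hb_good, hb_out, sizeof hb_out));
    printf("overclaim: %zu bytes\n", hb_build_response(hb_overclaim, sizeof hb_overclaim, hb_out, sizeof hb_out));
    return 0;
}
```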
Keywords/Search Tags:SSL protocol, SSL vulnerabilities, Padding Oracle attack, Heartbleed attack, SSL security testing