20 Attacks on the TLS Handshake Protocol

The Handshake protocol is the most complex part of TLS because it has several targets to hit at once: it not only needs a key to be established between client and server in a secure (i.e. authenticated) manner, but also the protocol to do this must be negotiated. Finally, the client and server must agree on a set of symmetric algorithms to encrypt and authenticate their subsequent communication. It should come as no surprise that such a complex protocol is prone to many attacks.

Attacks on the Handshake protocol tend to be more severe than attacks on the Record protocol (which we will cover in the next chapter) because they do not attack single messages, but try to find out the key for the entire TLS ...

Get TLS Cryptography In-Depth now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

TLS Cryptography In-Depth by Dr. Paul Duplys, Dr. Roland Schmitz

20

Attacks on the TLS Handshake Protocol

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly