Finite-State Analysis of SSL 3.0
نویسندگان
چکیده
The Secure Sockets Layer (SSL) protocol is analyzed using a nite-state enumeration tool called Mur'. The analysis is presented using a sequence of incremental approximations to the SSL 3.0 handshake protocol. Each simpli ed protocol is \modelchecked" using Mur', with the next protocol in the sequence obtained by correcting errors that Mur' nds automatically. This process identi es the main shortcomings in SSL 2.0 that led to the design of SSL 3.0, as well as a few anomalies in the protocol that is used to resume a session in SSL 3.0. In addition to some insight into SSL, this study demonstrates the feasibility of using formal methods to analyze commercial protocols.
منابع مشابه
Finite - State Analysis of SSL 3
The Secure Sockets Layer (SSL) protocol is analyzed using a nite-state enumeration tool called Mur'. The analysis is presented using a sequence of incremental approximations to the SSL 3.0 handshake protocol. Each simpliied protocol is \model-checked" using Mur', with the next protocol in the sequence obtained by correcting errors that Mur' nds automatically. This process identiies the main sho...
متن کاملAnalysis of the SSL 3
The SSL protocol is intended to provide a practical , application-layer, widely applicable connection-oriented mechanism for Internet client/server communications security. This note gives a detailed technical analysis of the cryptographic strength of the SSL 3.0 protocol. A number of minor aws in the protocol and several new active attacks on SSL are presented; however, these can be easily cor...
متن کاملتأثیر روغن قنادی و نامیزهکننده (SSL) بر بیاتی نان بربری
Effect of semihydrogenated vegetable oil (shortening) and sodium stearoyl lactylate (SSL) on retarding Barbari bread staling was investigated in this study. Three levels of 2, 3 and 4 percent shortening and SSL in two levels of 0.5 and 1 percent of flour were used in this research. Treatments included control sample (without shortening and SSL), bread with only shortening, bread with only SSL, ...
متن کاملAnalysis of the SSL 3.0 protocol
Dropping the change cipher spec message The change cipher spec message is used to notify both parties in the protocol to upgrade the status of the session to that negotiated in the handshake. However, configuration messages sent during the handshake are not encrypted they may have been tampered. SSL 3.0 prevents this by sending a MAC of the previous session together with the finish message. An ...
متن کاملAutoRef: Towards Real-Robot Soccer Complete Automated Refereeing
Preparing for robot soccer competitions by empirically evaluating different possible game strategies has been rather limited in leagues using real robots. Such limitation comes from factors related to the difficulty of extensively experimenting with games with real robots, such as their inevitable wear and tear and their usual limited number. RoboCup real robot teams have therefore developed si...
متن کامل