9.2 Random Discussions: DoS attacks on SSL
9.2.2 DoS attacks with respect to different SSL/TLS protocol versions
Table 9.1 gives the SSL protocol version history. As the table shows, TLSv1.2 is the latest available version and was published quite a while ago. However, most browsers do not support TLSv1.2; browsers such as Mozilla Firefox support TLSv1.0 as their latest version.
Protocol Version   SSLv1   SSLv2   SSLv3   TLSv1.0   TLSv1.1   TLSv1.2
Year Published     1994    1994    1995    1996      2006      2008
Table 9.1: SSL Version History
Throughout this thesis, we have referred to these protocols as one irrespective of their version. A brief study was performed to investigate whether the different versions of the SSL/TLS protocols affect the possibility of implementing a DoS attack on secured servers, that is, whether any particular version creates an additional opportunity to execute a DoS attack with greater impact on the server side.
This study was required to create a guideline for those interested in upgrading the older versions of the SSL protocols employed on their servers. The newer versions of the SSL protocols differ from their ancestors mainly in their support for newer cipher suites, improved checking of the protocol messages, and added mitigation techniques for attacks; for instance, TLSv1.1 [32] and TLSv1.2 [49] protect against CBC attacks (e.g. the BEAST attack [65]).
We did not find any differences among the SSL protocol versions (SSLv3.0, TLSv1.0, TLSv1.1, TLSv1.2) in terms of increased or decreased possibilities of DoS attacks. This is because the basic functionality, the default protocol messages and the expensive nature of the cryptographic operations performed in the SSL protocols have remained the same across the different versions of the SSL protocols.
9.3 Summary
This chapter described four different pieces of literature that were studied during the course of this thesis. In addition, this chapter presented a short description of session tickets and of the impact of DoS attacks with respect to different versions of the SSL protocols.
The reverse SSL aims at reversing the roles of the client and the server in the SSL handshake when client authentication is used, and at employing client puzzle techniques when client authentication is not used. This proposed change to the protocol focuses on decreasing the computational requirements of the server during the SSL handshake by using the technique called the online/offline signature scheme. We argued that this proposal does not mitigate the risk of DoS attack on servers that use reverse SSL.
In Section 9.1.2, we studied the literature that focused on adjusting the computational imbalance between the server and the client by shifting some of the heavy operations from the server side to the client side. However, this technique does not completely mitigate the risk of DoS attack. In Section 9.1.3 we listed findings from the literature [37]. These results confirm that the SSL protocol is processor intensive; adding more processors can increase the performance of the SSL server. Section 9.1.4 describes the idea of applying the "client puzzle" concept to the SSL protocol, requesting the client to solve a computationally intensive puzzle only when the SSL server is overloaded. The original work can be found at [63].
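The client puzzle idea summarized above (Section 9.1.4), as an added illustration that is not part of the thesis or of the cited work [63]: a stateless hash-based puzzle whose difficulty is derived from a hypothetical server-load figure, so that an idle server demands no work and an overloaded one demands progressively more. The load-to-difficulty mapping, the HMAC-tagged puzzle format and the 30-second validity window are assumptions chosen for this example.

```python
import hashlib
import hmac
import os
import struct
import time

# Constructed server secret for this example; a real server would manage its own key.
SERVER_KEY = os.urandom(32)
PUZZLE_TTL = 30  # seconds a puzzle remains valid (assumed value)


def difficulty_for_load(load):
    """Map server load (0.0 idle .. 1.0 saturated) to required leading zero bits.
    Below the threshold no puzzle is required (difficulty 0), matching the idea of
    demanding work from clients only when the server is overloaded. The mapping
    itself is an assumption: 0.5 -> 0 bits, 0.75 -> 10 bits, 1.0 -> 20 bits."""
    if load < 0.5:
        return 0
    return min(20, int((load - 0.5) * 40))


def issue_puzzle(load, now=None):
    """Server side: create a puzzle bound to the current load and an expiry time.
    The HMAC tag lets the server verify the puzzle later without storing it."""
    now = int(now if now is not None else time.time())
    nonce = os.urandom(16)
    difficulty = difficulty_for_load(load)
    expiry = now + PUZZLE_TTL
    body = nonce + struct.pack(">BQ", difficulty, expiry)
    tag = hmac.new(SERVER_KEY, body, hashlib.sha256).digest()
    return {"nonce": nonce, "difficulty": difficulty, "expiry": expiry, "tag": tag}


def leading_zero_bits(digest):
    """Count leading zero bits of a digest (the puzzle's 'hardness' measure)."""
    bits = 0
    for byte in digest:
        if byte == 0:
            bits += 8
            continue
        bits += 8 - byte.bit_length()
        break
    return bits


def solve_puzzle(puzzle):
    """Client side: brute-force a counter until SHA-256(nonce || counter) has
    at least `difficulty` leading zero bits. Expected cost: 2**difficulty hashes."""
    counter = 0
    while True:
        candidate = struct.pack(">Q", counter)
        digest = hashlib.sha256(puzzle["nonce"] + candidate).digest()
        if leading_zero_bits(digest) >= puzzle["difficulty"]:
            return candidate
        counter += 1


def verify_solution(puzzle, solution, now=None):
    """Server side: one HMAC plus one hash, regardless of difficulty.
    Rejects forged/tampered puzzles (bad tag), stale puzzles and wrong solutions."""
    now = int(now if now is not None else time.time())
    body = puzzle["nonce"] + struct.pack(">BQ", puzzle["difficulty"], puzzle["expiry"])
    expected = hmac.new(SERVER_KEY, body, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, puzzle["tag"]):
        return False  # tag mismatch: puzzle was not issued by us or was modified
    if now > puzzle["expiry"]:
        return False  # puzzle has expired
    digest = hashlib.sha256(puzzle["nonce"] + solution).digest()
    return leading_zero_bits(digest) >= puzzle["difficulty"]


if __name__ == "__main__":
    for load in (0.2, 0.75):
        puzzle = issue_puzzle(load)
        start = time.perf_counter()
        answer = solve_puzzle(puzzle)
        elapsed = time.perf_counter() - start
        print(f"load={load}: difficulty={puzzle['difficulty']} bits, "
              f"client solve time={elapsed:.4f}s, "
              f"verified={verify_solution(puzzle, answer)}")
```

The point of the construction is the cost asymmetry: the client's solve_puzzle loop performs on average 2**difficulty hash computations, while verify_solution costs the server one HMAC and one hash whatever the difficulty, and the HMAC tag means the server keeps no per-puzzle state. A deployment would additionally need to remember solved nonces until they expire so that one solution cannot be presented repeatedly.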
Section 9.2.1 described the concept of the session ticket. Session tickets can be used to initiate the abbreviated handshake with the server, and this method is preferable to the traditional way of session resumption (using the session ID). Finally, in Section 9.2.2, we stated that the risk of DoS attack is the same irrespective of the version of the SSL protocol (SSLv3.0, TLSv1.0, TLSv1.1, TLSv1.2).
CHAPTER 10 Summary and Conclusion
In this chapter, we summarize the observations made during the course of this thesis work and identify certain key areas that should be explored further as future work. We first revisit the problem of DoS attacks and then consider each attack vector experimented with in this thesis. Next, the thesis is concluded on the basis of the analysis of the findings of the test cases and the results obtained in the comparative experiments of this thesis work.
The SSL protocol consists of a number of sub-protocols and is complex in structure. There are several reasons that make the SSL protocol a potential target for DoS attack. As DoS attacks on TCP may also be applicable to the SSL protocols, care needs to be taken when implementing the SSL protocol under any high-level application layer protocol (e.g. HTTP) that originally runs on a transport level protocol such as TCP.
10.1 Attack Vectors
In this research, SSL is studied in detail, and some attack vectors are identified that can be exploited to build a DoS attack on the SSL server.
This section considers all the attack vectors identified in this thesis. The attack vectors refer to processes that are conducted in the SSL protocol; for example, this thesis identified processes such as client authentication, compression, cryptographic operations and SSL renegotiation. This section discusses the likelihood of exploiting these processes to produce a DoS condition.
More specifically, this section summarizes the work done in this thesis on these attack vectors and discusses the extent to which DoS attacks can be successfully executed on the SSL protocol by exploiting them.