Abstract
The Transport Layer Security (TLS) protocol is often vulnerable to version downgrade attacks, in which a man-in-the-middle attacker interferes with the handshake and causes the communicating parties to fall back from a higher TLS version to a lower one that is typically kept only for backward compatibility. To thwart downgrade attacks, several defense mechanisms have been adopted in most recent TLS versions. However, few studies have analyzed which conditions are needed to guarantee their theoretical security, or how these mechanisms are implemented in practice in the era of TLS 1.3. To understand the current deployment of downgrade protection mechanisms and their real-world security, we investigated ten major web browsers on five operating systems under diverse implementation conditions of TLS clients and servers. As a result, we identified that two network stacks, those of Microsoft and Apple, are vulnerable to downgrade attacks, and we demonstrate that TLS sessions can be downgraded from TLS 1.3 to TLS 1.0 by exploiting this vulnerability. Drawing on our experiments, we analyze the root cause of the vulnerability and present several mitigation strategies.
| Field | Value |
|---|---|
| Original language | English |
| Title of host publication | CoNEXT 2020 - Proceedings of the 16th International Conference on Emerging Networking EXperiments and Technologies |
| Publisher | Association for Computing Machinery, Inc |
| Pages | 157-168 |
| Number of pages | 12 |
| ISBN (Electronic) | 9781450379489 |
| DOIs | |
| Publication status | Published - 2020 Nov 23 |
| Event | 16th ACM Conference on Emerging Networking Experiment and Technologies, CoNEXT 2020 - Barcelona, Spain |
| Duration | 2020 Dec 1 → 2020 Dec 4 |
Publication series

| Field | Value |
|---|---|
| Name | CoNEXT 2020 - Proceedings of the 16th International Conference on Emerging Networking EXperiments and Technologies |
Conference

| Field | Value |
|---|---|
| Conference | 16th ACM Conference on Emerging Networking Experiment and Technologies, CoNEXT 2020 |
| Country/Territory | Spain |
| City | Barcelona |
| Period | 2020 Dec 1 → 2020 Dec 4 |
Bibliographical note
Funding Information: This work was supported by Institute of Information & communications Technology Planning & Evaluation (IITP) grants funded by the Korea government (MSIT) (No. 2019-0-00533, Research on CPU vulnerability detection and validation; No. 2019-0-01697, Development of Automated Vulnerability Discovery Technologies for Blockchain Platform Security). This research was also supported by the MSIT, Korea, under the ICT Creative Consilience program (IITP-2020-0-01819) supervised by IITP.
Publisher Copyright:
© 2020 ACM.
Keywords
- TLS version downgrade attack
- transport layer security 1.3
- web browsers
ASJC Scopus subject areas
- Computer Networks and Communications