Return of version downgrade attack in the era of TLS 1.3

Sangtae Lee, Youngjoo Shin, Junbeom Hur

Research output: Chapter in Book/Report/Conference proceeding > Conference contribution

13 Citations (Scopus)

Abstract

The Transport Layer Security (TLS) protocol is often vulnerable to version downgrade attacks, where a man-in-the-middle attacker interferes with the handshake protocol and leads the communicating parties to fall back from a higher version of TLS to lower ones, which are typically provided for backward compatibility. In order to thwart the downgrade attack, several defense mechanisms are adopted in most of the recent TLS versions. However, there have not been many studies analyzing what conditions are needed to guarantee the theoretical security, or examining how these mechanisms are implemented in practice in the era of TLS 1.3. To understand the current deployment of downgrade protection mechanisms and their security in the real world, in this paper, we investigated ten major web browsers in five operating systems with diverse implementation conditions of TLS clients and servers. As a result, we identified that two network stacks of Microsoft and Apple are vulnerable to downgrade attacks. We then demonstrate that TLS sessions can be downgraded from TLS 1.3 to 1.0 by exploiting the vulnerability. Drawing on our experiment, we analyze the root cause of the vulnerability and present several mitigation strategies.

Original language: English
Title of host publication: CoNEXT 2020 - Proceedings of the 16th International Conference on Emerging Networking EXperiments and Technologies
Publisher: Association for Computing Machinery, Inc
Pages: 157-168
Number of pages: 12
ISBN (Electronic): 9781450379489
Publication status: Published - 2020 Nov 23
Event: 16th ACM Conference on Emerging Networking Experiment and Technologies, CoNEXT 2020 - Barcelona, Spain
Duration: 2020 Dec 1 to 2020 Dec 4

Publication series

Name: CoNEXT 2020 - Proceedings of the 16th International Conference on Emerging Networking EXperiments and Technologies

Conference

Conference: 16th ACM Conference on Emerging Networking Experiment and Technologies, CoNEXT 2020
Country/Territory: Spain
City: Barcelona
Period: 20/12/1 to 20/12/4

Bibliographical note

Funding Information:
This work was supported by the Institute of Information & communications Technology Planning & Evaluation (IITP) grant funded by the Korea government (MSIT) (No. 2019-0-00533, Research on CPU vulnerability detection and validation), (No. 2019-0-01697, Development of Automated Vulnerability Discovery Technologies for Blockchain Platform Security). This research was also supported by the MSIT, Korea, under the ICT Creative Consilience program (IITP-2020-0-01819) supervised by IITP.

Publisher Copyright:
© 2020 ACM.

Keywords

  • TLS version downgrade attack
  • transport layer security 1.3
  • web browsers

ASJC Scopus subject areas

  • Computer Networks and Communications
