Lucky Thirteen: Breaking the TLS and DTLS Record Protocols
Top Cited Papers
Open Access
- 1 May 2013
- conference paper
- Published by Institute of Electrical and Electronics Engineers (IEEE)
- No. 10816011,p. 526-540
- https://doi.org/10.1109/sp.2013.42
Abstract
The Transport Layer Security (TLS) protocol aims to provide confidentiality and integrity of data in transit across untrusted networks. TLS has become the de facto secure protocol of choice for Internet and mobile applications. DTLS is a variant of TLS that is growing in importance. In this paper, we present distinguishing and plaintext recovery attacks against TLS and DTLS. The attacks are based on a delicate timing analysis of decryption processing in the two protocols. We include experimental results demonstrating the feasibility of the attacks in realistic network environments for several different implementations of TLS and DTLS, including the leading OpenSSL implementations. We provide countermeasures for the attacks. Finally, we discuss the wider implications of our attacks for the cryptographic design used by TLS and DTLS.Keywords
This publication has 12 references indexed in Scilit:
- Lucky Thirteen: Breaking the TLS and DTLS Record ProtocolsPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2013
- AES-CCM Cipher Suites for Transport Layer Security (TLS)Published by RFC Editor ,2012
- Datagram Transport Layer Security Version 1.2Published by RFC Editor ,2012
- Transport Layer Security (TLS) Extensions: Extension DefinitionsPublished by RFC Editor ,2011
- On the soundness of authenticate-then-encryptPublished by Association for Computing Machinery (ACM) ,2010
- Hey, you, get off of my cloudPublished by Association for Computing Machinery (ACM) ,2009
- AES Galois Counter Mode (GCM) Cipher Suites for TLSPublished by RFC Editor ,2008
- Datagram Transport Layer SecurityPublished by RFC Editor ,2006
- The TLS Protocol Version 1.0Published by RFC Editor ,1999
- HMAC: Keyed-Hashing for Message AuthenticationPublished by RFC Editor ,1997