IIIT-Delhi Institutional Repository
Exploiting TLS to disrupt privacy of traffic in web-application
- Home
- →
- Computer Science and Engineering
- →
- MTech Theses
- →
- Year-2014
- →
- View Item
JavaScript is disabled for your browser. Some features of this site may not work without it.
| dc.contributor.author | Biswas, Sandipan | |
| dc.contributor.author | Sanadhya, Somitra Kumar (Advisor) | |
| dc.date.accessioned | 2014-05-02T08:34:28Z | |
| dc.date.available | 2014-05-02T08:34:28Z | |
| dc.date.issued | 2014-05-02T08:34:28Z | |
| dc.identifier.uri | https://repository.iiitd.edu.in/jspui/handle/123456789/135 | |
| dc.description.abstract | The Transport Layer Protocol (TLS) ensures con dentiality and integrity of tra c between communicating parties over internet. Almost all web applications commonly use TLS. A block cipher (such as AES, Camellia etc.) is used in a mode of operation (such as CBC, GCM etc.) to achieve con dentiality. If the message length is not a multiple of the block size of the underlying cipher in CBC mode, then message is padded suitably to make it of the right length. Although CTR mode does not necessarily require message padding but if the sender wishes to hide exact message length from attackers, then message padding can be used even in this mode. Chen et. al at IEEE SP (2010) described techniques based on di erent packet sizes generated as various events take place in web applications to infer the state of the web-application. This attack could allow an attacker to breach the privacy of the user. At PETS 2012, Liu. et. al. proposed a scheme to pad messages in a group to make all the packets of the same size to achieve k-indistinguishability. They claimed that this scheme could withstand the attacks described in Chen et. al's work. In this work, we analyze privacy and security aspects of encryption modes, padding schemes and order of padding of messages in TLS during encrypted communication between client and web-application on the server. We show that using padding schemes to pad all packets to hide message sizes during communication without considering underlying encryption modes and padding methodology is not safe . We consider the technique of Liu et. al when certain combinations of encryption modes and padding schemes are used in TLS. We show that k-indistinguishability of packets does not always hold. In particular, we describe a chosen ciphertext attack to show that the MACPAD- ENCRYPT model to generate ciphertext in the TLS record protocol helps the attacker in disrupting privacy of tra c under certain conditions. We also show how a similar attack can be carried out on CCMP protocol used in WPA2 to maintain con dentiality and integrity in wireless networks if MAC-PAD-ENCRYPT is followed. | en_US |
| dc.language.iso | en_US | en_US |
| dc.subject | Side Channel Attack | en_US |
| dc.subject | TLS | en_US |
| dc.subject | Padding | en_US |
| dc.subject | Privacy | en_US |
| dc.subject | WPA2 | en_US |
| dc.subject | k-indistinguishability | en_US |
| dc.title | Exploiting TLS to disrupt privacy of traffic in web-application | en_US |
| dc.type | Thesis | en_US |
Files in this item
This item appears in the following Collection(s)
-
Year-2014 [30]