CS38, Security and Privacy, Spring 2005

SSL links

  • SSL/TLS Diagrams,
    http://www.tech-invite.com/Ti-SSL.html
    Wonderfully drawn SSL handshake diagrams. Go straight to the PDFs linked from the page.

  • SSL v3 implementation traces, Nelson Bolyard
    http://wp.netscape.com/eng/ssl3/traces/
    Traces of SSL packets exchanged between the client and the server, in both export variant and stronger domestic variant. Shows computation of all exchanged and internally computed values.

  • Security of CBC Ciphersuites in SSL/TLS: Problems and Countermeasures, Bodo Möller
    http://www.openssl.org/~bodo/tls-cbc.txt
    An overview of CBC-related problems with SSL implementations.

  • CBC padding implementation-based attack on SSL, Brice Canvel
    http://lasecwww.epfl.ch/memo_ssl.shtml
    CBC padding attack (mentioned above) in depth. The tool for this attack is posted at [http://omen.vuagnoux.com/]

    Back to Dartmouth CS Home Page     Sergey Bratus