Hi,
I add a few bullets to the list.
you should also check the handshake. Are the DES, RC4 or no-encryption
options enabled? What are the defaults?
If clients and server are fixed, or added in a controlled way, you may
want to add the requirement of mutual authentication!
What about random number generation? Can one force the server to reuse
symmetric keys? Are there any race conditions in the implementation?
On the other hand, if the crypto has been implemented from scratch, then
you might want to check it for binary vulnerabilities. Else, if you
match this crypto with a known library, do check if there are any
reported bugs for this library.
Cheers,
Ariel
Julien wrote:
Hi,
This is my first post on this list :)
I have to test TLS implementation on our product. Ths goal is not to
discover a threat in TLS but to find threat in our implementation.
In my test I'll do :
- MitM
- Replay attack (I think it will not be possible because of TLS
timestamps )
- Dos
- Sniffing (to check that all communications are encrypted)
What other tests could be done ?
Thanks
Julien
PS : Sorry for my english ...
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
