TLS clients testing

The paper presents a model-based approach to conformance testing of TLS implementations. It discusses the formal model of TLS protocol, the structure of the test suite. JavaTesK tool, based on UniTESK technology, was used to develop the test suite. A set of fuzz operators was developed for general d...

Celý popis

Uloženo v:
Podrobná bibliografie
Vydáno v:Trudy Instituta sistemnogo programmirovaniâ Ročník 27; číslo 2; s. 145 - 160
Hlavní autoři: Nikeshin, A.V., Pakulin, N.V., Shnitman, V.Z.
Médium: Journal Article
Jazyk:angličtina
Vydáno: Russian Academy of Sciences, Ivannikov Institute for System Programming 01.10.2018
Témata:
ssl
tls
unitesk
верификация
мутационное тестирование
тестирование
тестирование с использованием моделей
формальные методы
формальные спецификации
ISSN:2079-8156, 2220-6426
On-line přístup:Získat plný text
Tagy: Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
Popis
Shrnutí:The paper presents a model-based approach to conformance testing of TLS implementations. It discusses the formal model of TLS protocol, the structure of the test suite. JavaTesK tool, based on UniTESK technology, was used to develop the test suite. A set of fuzz operators was developed for general data types and included in the test suite. We applied the test suite to a several popular implementations of TLS client, and present brief results. This approach has proved his efficiency, various errors and vulnerabilities had been found in all chosen TLS implementations.
ISSN:2079-8156
2220-6426
DOI:10.15514/ISPRAS-2015-27(2)-9