Attacks on devices using SSL/TLS

Abstract

Security and reliability are currently the most important aspects of communication systems. This has led us to focus on the issues associated with Padding Oracle Attack. Our aim is to improve the teaching of this subject to students in the field of Communication and Information Systems. A model of the attack has been created in the application CipherCAD. This model makes it possible to monitor the development of the attack over time, measure its difficulty and amend any part of the conditions. Models have also been created of the connections using various versions of the SSL/TLS protocol. Randomly-selected servers have been tested using the models created. The aim of the tests was to reveal a badly-implemented protocol which allowed the attack to take place.