Article

Triple Handshakes and Cookie Cutters: Breaking and Fixing Authentication over TLS

Authors:

Karthikeyan Bhargavan,

Antoine Delignat Lavaud,

Cédric Fournet,

Alfredo Pironti,

Pierre Yves StrubAuthors Info & Claims

SP '14: Proceedings of the 2014 IEEE Symposium on Security and Privacy

Pages 98 - 113

https://doi.org/10.1109/SP.2014.14

Published: 18 May 2014 Publication History

Abstract

TLS was designed as a transparent channel abstraction to allow developers with no cryptographic expertise to protect their application against attackers that may control some clients, some servers, and may have the capability to tamper with network connections. However, the security guarantees of TLS fall short of those of a secure channel, leading to a variety of attacks. We show how some widespread false beliefs about these guarantees can be exploited to attack popular applications and defeat several standard authentication methods that rely too naively on TLS. We present new client impersonation attacks against TLS renegotiations, wireless networks, challenge-response protocols, and channel-bound cookies. Our attacks exploit combinations of RSA and Diffie-Hellman key exchange, session resumption, and renegotiation to bypass many recent countermeasures. We also demonstrate new ways to exploit known weaknesses of HTTP over TLS. We investigate the root causes for these attacks and propose new countermeasures. At the protocol level, we design and implement two new TLS extensions that strengthen the authentication guarantees of the handshake. At the application level, we develop an exemplary HTTPS client library that implements several mitigations, on top of a previously verified TLS implementation, and verify that their composition provides strong, simple application security.

Cited By

View all

Morio KKünnemann RLuo BLiao XXu JKirda ELie D(2024)SpecMon: Modular Black-Box Runtime Monitoring of Security ProtocolsProceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security10.1145/3658644.3690197(2741-2755)Online publication date: 2-Dec-2024
https://dl.acm.org/doi/10.1145/3658644.3690197
Linvill KKaki GWustrow E(2023)Verifying Indistinguishability of Privacy-Preserving ProtocolsProceedings of the ACM on Programming Languages10.1145/36228497:OOPSLA2(1442-1469)Online publication date: 16-Oct-2023
https://dl.acm.org/doi/10.1145/3622849
Dikshit PSengupta JBajpai V(2023)Recent Trends on Privacy-Preserving Technologies under Standardization at the IETFACM SIGCOMM Computer Communication Review10.1145/3610381.361038553:2(22-30)Online publication date: 19-Jul-2023
https://dl.acm.org/doi/10.1145/3610381.3610385
Show More Cited By

Triple Handshakes and Cookie Cutters: Breaking and Fixing Authentication over TLS
1. Security and privacy

Recommendations

Cookie crumbles: breaking and fixing web session integrity
SEC '23: Proceedings of the 32nd USENIX Conference on Security Symposium

Cookies have a long history of vulnerabilities targeting their confidentiality and integrity. To address these issues, new mechanisms have been proposed and implemented in browsers and server-side applications. Notably, improvements to the Secure ...
Cookie-Proxy: A Scheme to Prevent SSLStrip Attack
Information and Communications Security
Abstract
A new Man-in-the-Middle (MitM) attack called SSLStrip poses a serious threat to the security of secure socket layer protocol. Although some researchers have presented some schemes to resist such attack, until now there is still no practical ...
A new scheme with secure cookie against SSLStrip attack
WISM'12: Proceedings of the 2012 international conference on Web Information Systems and Mining

In 2009 Moxie Marlinspike proposed a new Man-in-the- Middle (MitM) attack on secure socket layer (SSL) called SSLStrip attack at Black Hat DC, which is a serious threat to Web users. Some solutions have been proposed in literature. However, until now ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

SP '14: Proceedings of the 2014 IEEE Symposium on Security and Privacy

May 2014

694 pages

ISBN:9781479946860

Publisher

IEEE Computer Society

United States

Publication History

Published: 18 May 2014

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

39
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 12 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Morio KKünnemann RLuo BLiao XXu JKirda ELie D(2024)SpecMon: Modular Black-Box Runtime Monitoring of Security ProtocolsProceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security10.1145/3658644.3690197(2741-2755)Online publication date: 2-Dec-2024
https://dl.acm.org/doi/10.1145/3658644.3690197
Linvill KKaki GWustrow E(2023)Verifying Indistinguishability of Privacy-Preserving ProtocolsProceedings of the ACM on Programming Languages10.1145/36228497:OOPSLA2(1442-1469)Online publication date: 16-Oct-2023
https://dl.acm.org/doi/10.1145/3622849
Dikshit PSengupta JBajpai V(2023)Recent Trends on Privacy-Preserving Technologies under Standardization at the IETFACM SIGCOMM Computer Communication Review10.1145/3610381.361038553:2(22-30)Online publication date: 19-Jul-2023
https://dl.acm.org/doi/10.1145/3610381.3610385
Nasrabadi FKünnemann RNemati HMeng WJensen CCremers CKirda E(2023)CryptoBap: A Binary Analysis Platform for Cryptographic ProtocolsProceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security10.1145/3576915.3623090(1362-1376)Online publication date: 15-Nov-2023
https://dl.acm.org/doi/10.1145/3576915.3623090
Bhargavan KCheval VWood CYin HStavrou ACremers CShi E(2022)A Symbolic Analysis of Privacy for TLS 1.3 with Encrypted Client HelloProceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security10.1145/3548606.3559360(365-379)Online publication date: 7-Nov-2022
https://dl.acm.org/doi/10.1145/3548606.3559360
Shin HKoo DHur J(2022)Secure and Efficient Hybrid Data Deduplication in Edge ComputingACM Transactions on Internet Technology10.1145/353767522:3(1-25)Online publication date: 25-Jul-2022
https://dl.acm.org/doi/10.1145/3537675
Koutsos A(2021)Decidability of a Sound Set of Inference Rules for Computational IndistinguishabilityACM Transactions on Computational Logic10.1145/342316922:1(1-44)Online publication date: 19-Jan-2021
https://dl.acm.org/doi/10.1145/3423169
Dreier JHirschi LRadomirović SSasse R(2020)Verification of stateful cryptographic protocols with exclusive ORJournal of Computer Security10.3233/JCS-19135828:1(1-34)Online publication date: 1-Jan-2020
https://dl.acm.org/doi/10.3233/JCS-191358
Massimo JPaterson KLigatti JOu XKatz JVigna G(2020)A Performant, Misuse-Resistant API for Primality TestingProceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security10.1145/3372297.3417264(195-210)Online publication date: 30-Oct-2020
https://dl.acm.org/doi/10.1145/3372297.3417264
(2019)A delegation token-based method to authenticate the third party in TLSInternational Journal of High Performance Computing and Networking10.5555/3319261.331926513:2(164-174)Online publication date: 1-Jan-2019
https://dl.acm.org/doi/10.5555/3319261.3319265
Show More Cited By

View Options

View options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Abstract

Cited By

Recommendations

Cookie crumbles: breaking and fixing web session integrity

Cookie-Proxy: A Scheme to Prevent SSLStrip Attack

A new scheme with secure cookie against SSLStrip attack

Comments

Information

Published In

Publisher

Publication History

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

Login options

Full Access

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations