X.509 certificate error testing

David McLuskie; Xavier Bellekens

doi:10.1145/3230833.3232820

X.509 certificate error testing

David McLuskie, Xavier Bellekens

Division of Cybersecurity

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

216 Downloads (Pure)

Abstract

X.509 Certificates are used by a wide range of technologies to verify identities, while the SSL protocol is used to provide a secure encrypted tunnel through which data can be sent over a public network. Combined both of these technologies provides the basis of the public key infrastructure (PKI). While the concept of PKI is a good idea, the different implementation of the technologies in different operating system and clients often lead to weaknesses. This paper proposes a methodology to automate the testing of SSL clients by generating both bogus and malformed certificates in order to evaluate the client’s response and identify potential threats to network infrastructures.

Original language	English
Title of host publication	Proceedings of the 13th International Conference on Availability, Reliability and Security
Publisher	Association for Computing Machinery (ACM)
Number of pages	8
ISBN (Print)	9781450364485
DOIs	https://doi.org/10.1145/3230833.3232820
Publication status	Published - 27 Aug 2018
Event	13th International Conference on Availability, Reliability and Security (ARES 2018) - University of Hamburg, Hamburg, Germany Duration: 27 Aug 2018 → 30 Aug 2018 Conference number: 13 https://www.ares-conference.eu/

Conference

Conference	13th International Conference on Availability, Reliability and Security (ARES 2018)
Abbreviated title	ARES 2018
Country/Territory	Germany
City	Hamburg
Period	27/08/18 → 30/08/18
Internet address	https://www.ares-conference.eu/

Keywords

X.509
SSL
PKI
Certificates
Certificate authority

Access to Document

10.1145/3230833.3232820

McLuskie_X.509CertificateErrorTesting_Author_2018Accepted author manuscript, 481 KB

Cite this

@inproceedings{8811d43e38074cd8817f80ecaf9d5fc4,

title = "X.509 certificate error testing",

abstract = "X.509 Certificates are used by a wide range of technologies to verify identities, while the SSL protocol is used to provide a secure encrypted tunnel through which data can be sent over a public network. Combined both of these technologies provides the basis of the public key infrastructure (PKI). While the concept of PKI is a good idea, the different implementation of the technologies in different operating system and clients often lead to weaknesses. This paper proposes a methodology to automate the testing of SSL clients by generating both bogus and malformed certificates in order to evaluate the client{\textquoteright}s response and identify potential threats to network infrastructures.",

author = "David McLuskie and Xavier Bellekens",

year = "2018",

month = aug,

day = "27",

doi = "10.1145/3230833.3232820",

language = "English",

isbn = "9781450364485",

booktitle = "Proceedings of the 13th International Conference on Availability, Reliability and Security",

publisher = "Association for Computing Machinery (ACM)",

address = "United States",

note = "13th International Conference on Availability, Reliability and Security (ARES 2018), ARES 2018 ; Conference date: 27-08-2018 Through 30-08-2018",

url = "https://www.ares-conference.eu/",

}

TY - GEN

T1 - X.509 certificate error testing

AU - McLuskie, David

AU - Bellekens, Xavier

N1 - Conference code: 13

PY - 2018/8/27

Y1 - 2018/8/27

N2 - X.509 Certificates are used by a wide range of technologies to verify identities, while the SSL protocol is used to provide a secure encrypted tunnel through which data can be sent over a public network. Combined both of these technologies provides the basis of the public key infrastructure (PKI). While the concept of PKI is a good idea, the different implementation of the technologies in different operating system and clients often lead to weaknesses. This paper proposes a methodology to automate the testing of SSL clients by generating both bogus and malformed certificates in order to evaluate the client’s response and identify potential threats to network infrastructures.

AB - X.509 Certificates are used by a wide range of technologies to verify identities, while the SSL protocol is used to provide a secure encrypted tunnel through which data can be sent over a public network. Combined both of these technologies provides the basis of the public key infrastructure (PKI). While the concept of PKI is a good idea, the different implementation of the technologies in different operating system and clients often lead to weaknesses. This paper proposes a methodology to automate the testing of SSL clients by generating both bogus and malformed certificates in order to evaluate the client’s response and identify potential threats to network infrastructures.

U2 - 10.1145/3230833.3232820

DO - 10.1145/3230833.3232820

M3 - Conference contribution

SN - 9781450364485

BT - Proceedings of the 13th International Conference on Availability, Reliability and Security

PB - Association for Computing Machinery (ACM)

T2 - 13th International Conference on Availability, Reliability and Security (ARES 2018)

Y2 - 27 August 2018 through 30 August 2018

ER -

X.509 certificate error testing

Abstract

Conference

Keywords

Access to Document

Fingerprint

Cite this