Please use this identifier to cite or link to this item:
Full metadata record
DC FieldValueLanguage
dc.contributor.authorLonardo, Jekoen_US
dc.description.abstractSSL-TLS Protocol was designed and developed to provide a secure channel for internet communications. It is a means to protect web applications against malicious third parties that may try to eavesdrop, tamper, or even interrupt the network connections between client and server. However, being a security protocol with encryption does not guarantee it is infallible. Several SSL-TLS vulnerabilities have been found and exploited since its introduction in 1994 [1]. Some examples of well-known attacks were BEAST, CRIME, POODLE, and SSL Stripping [2]. In this report, we will study two types of vulnerabilities that may affect SSL-TLS (implementation-based and protocol-based). The focus will be placed on TLS v1.2, as this protocol is the most widely supported on the Internet at the time of writing this report [3]. We will do a detailed study on HEARTBLEED as an implementation-based vulnerability, and 3SHAKE as a protocol-based vulnerability. For each of these vulnerabilities, we will study the root causes, how it was exploited into an attack, its impacts, as well as the countermeasures. Furthermore, we will also discuss and compare the two vulnerabilities.en_US
dc.publisherNanyang Technological Universityen_US
dc.subjectEngineering::Computer science and engineeringen_US
dc.titleSSL-TLS security flaws : HEARTBLEED and 3SHAKE attacksen_US
dc.typeFinal Year Project (FYP)en_US
dc.contributor.supervisorTay Kian Boonen_US
dc.contributor.schoolSchool of Computer Science and Engineeringen_US
dc.description.degreeBachelor of Engineering (Computer Science)en_US
item.fulltextWith Fulltext-
Appears in Collections:SCSE Student Reports (FYP/IA/PA/PI)
Files in This Item:
File Description SizeFormat 
U1620133D-Jeko Lonardo-FYP Report.pdf
  Restricted Access
2.28 MBAdobe PDFView/Open

Page view(s)

Updated on Jun 28, 2022

Download(s) 50

Updated on Jun 28, 2022

Google ScholarTM


Items in DR-NTU are protected by copyright, with all rights reserved, unless otherwise indicated.