statelearner icon indicating copy to clipboard operation
statelearner copied to clipboard

Published 20 hours ago verified publisher icon jderuiter

Steps for extending the ciphersuite of the statelearner

Open Archer6621 opened this issue 5 years ago • 2 comments

Hello @jderuiter, I would like to use the statelearner on some of the newer TLS libraries/implementations out there to compare their state machines to some of the ones tested in your paper (Protocol state fuzzing of TLS implementations), one of them being rustls. One problem is that there doesn't seem to be any overlap in the ciphersuites either of them use, namely:

Ciphersuites used by statelearner:

	TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
	TLS_RSA_WITH_AES_128_CBC_SHA
	TLS_DHE_RSA_WITH_AES_128_CBC_SHA
	TLS_RSA_WITH_3DES_EDE_CBC_SHA

Ciphersuites used by rustls:

    // TLS1.3 suites
     TLS13_CHACHA20_POLY1305_SHA256
     TLS13_AES_256_GCM_SHA384
     TLS13_AES_128_GCM_SHA256

     // TLS1.2 suites
     TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
     TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
     TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
     TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
     TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
     TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

I would like to add the TLS1.2 suite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 to statelearner, but is not clear to me what steps are necessary for doing this. So far I found the byte values that should go in the ClientHello for indicating usage of this suite, namely {0xC0, 0x2F}. I know the Java 8 security package has support for this ciphersuite as well, but from the code it is not clear to me how I can make use of this to extend statelearner.

Any ideas?

Archer6621 avatar Apr 13 '19 12:04 Archer6621

Thanks for your interest in the project. There will be a bit more changes required than just the couple of bytes in the ClientHello message. However, the TLS part of this tool is not actively maintained at the moment anymore. Instead you could use another project TLSAttackerConnector to connect to StateLearner and construct and send the TLS messages using TLS-Attacker. This gives you more flexibility in the messages and algorithms that you can use. It was also used for TLS 1.3, but I'm not sure that code is already included. When using this approach you use the socket module of StateLearner to connect to TLSAttackerConnector.

jderuiter avatar Apr 16 '19 13:04 jderuiter

@jderuiter Thanks a lot for the response, I'll check it out :)

Archer6621 avatar Apr 17 '19 21:04 Archer6621