FlexTLS: A Tool for Testing TLS Implementations

FlexTLS is a tool for rapidly prototyping and testing implementations of the Transport Layer Security (TLS) protocol. FlexTLS is built upon miTLS, a verified implementation of TLS, and hence protocol scenarios written in FlexTLS can benefit from robust libraries for messaging and cryptography. Conversely, attack scripts in FlexTLS can be used to evaluate and communicate the impact of new protocol vulnerabilities.

FlexTLS was used to discover recent attacks on TLS implementations, such as SKIP and FREAK, as well as to program the first proof-of-concept demos for FREAK and Logjam. It is also being used to experiment with proposed designs of the upcoming version 1.3 of TLS. Our goal is to create a common platform where protocol analysts and practitioners can easily test TLS implementations and share protocol designs, attacks or proofs. Here is an overview of the modular architecture of FlexTLS:

FlexTLS Overview

SmackTest: Live state machine attacks

We introduce SmackTest.com,which allows anyone to test their web browser against continuously evolving SmackTLS traces. SmackTest reflects the results that can be obtained using FlexTLS without the necessity of having to build or install it locally. The interface parses FlexTLS output as it runs traces against the user’s browser or client and gives feedback on its security. When a deviant or uncompliant handshake goes through, the user is shown a warning and can explore the trace generated by FLEXTLS when the SmackTLS scenario is executed. We aim for SmackTest to be a continuously expansible framework and a service to allow for further client-side testing.