Vulnerability-Tolerant Transport Layer Security

Authors André Joaquim, Miguel L. Pardal, Miguel Correia


André Joaquim, Miguel L. Pardal, and Miguel Correia. Vulnerability-Tolerant Transport Layer Security. In 21st International Conference on Principles of Distributed Systems (OPODIS 2017). Leibniz International Proceedings in Informatics (LIPIcs), Volume 95, pp. 28:1-28:16, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2018)


Abstract

SSL/TLS communication channels play a very important role in Internet security, including cloud computing and server infrastructures. There are often concerns about the strength of the encryption mechanisms used in TLS channels. Vulnerabilities can cause cipher suites once thought to be secure to become insecure, so that they are no longer recommended for use or require an urgent software update. However, the deprecation/update process is very slow: weeks or months can go by before most web servers and clients are protected, and some servers and clients may never be updated. In the meantime, the communications are at risk of being intercepted and tampered with by attackers. In this paper we propose an alternative to TLS to mitigate the problem of secure communication channels being susceptible to attacks due to unexpected vulnerabilities in their mechanisms. Our solution, called Vulnerability-Tolerant Transport Layer Security (vtTLS), is based on diversity and redundancy of cryptographic mechanisms and certificates to ensure secure communication even when one or more mechanisms are vulnerable. Our solution relies on a combination of k cipher suites, which ensures that even if k − 1 cipher suites are insecure or vulnerable, the remaining cipher suite keeps the communication channel secure. The performance and cost of vtTLS were evaluated and compared with OpenSSL, one of the most widely used implementations of TLS.

Keywords

  • Secure communication channels
  • Transport layer security
  • Diversity
  • Redundancy
  • Vulnerability tolerance


