Test Suite development for verification of TLS security protocol
https://doi.org/10.15514/ISPRAS-2012-23-22
Abstract
Despite the fact that TLS and its predecessor SSL are in use for more than 15 years, there are no accepted public conformance test suite for those protocols. Implementers do have their own test suites, but the primary objective of those tests are internals of the corresponding implementation rather than conformance against the standard. Furthermore, such tests are too much implementation specific to be used to be used for implementation other than they were developed for. In general it is impossible to test a TLS/SSL implementation with tests from another implementation. The paper presents an approach to conformance testing of TLS/SSL server implementations. The approach is based on Model- Based Testing methodology. A test suite was developed and propped against a number of open TLS/SSL server implementations. The developed approach to conformance testing is based on automated testing against formal specifications. Requirements in the text specification are statements in a natural language, describing desired behavior of TLS implementations. Following the approach used we elicited more than 300 functional requirements to server implementations and formalized in the specification extension of Java language. The language used is part of UniTESK family of MBT technologies. Using the extension, the protocol model is presented as a contract specification with pre- and postcondition defining constraints on the allowed behavior. The specification is backed with a technique for on-the-fly test construction provided by UniTESK tools. We tried the test suite against three open implementations of TLS. Testing revealed discrepancies with the standard in all three implementations, and one implementation suffers from violation of a critical requirement. The work proved that the proposed approach to verification, based on protocol modeling with contract specifications, provides efficient automation of protocols as complex as security protocols. Furthermore, thanks to formal models, the tests have well-defined and trackable coverage criteria that greatly enhances quality of testing.
About the Authors
A. V. Nikeshin
ISP RAS, Moscow
Russian Federation
Russian Federation
N. V. Pakulin,
ISP RAS, Moscow
Russian Federation
Russian Federation
V. Z. Shnitman.
ISP RAS, Moscow
Russian Federation
Russian Federation
References
1. IETF RFC 2246. Dierks, T. and C. Allen, "The TLS Protocol Version 1.0", January 1999.
2. IETF RFC 3268. Chown, P., "Advanced Encryption Standard (AES) Ciphersuites for Transport Layer Security (TLS)", June 2002.
3. IETF RFC 3546. Blake-Wilson, S., Nystrom, M., Hopwood, D., Mikkelsen, J., and T. Wright, "Transport Layer Security (TLS) Extensions", June 2003.
4. IETF RFC 4346. Dierks, T. and E. Rescorla, "The Transport Layer Security (TLS) Protocol Version 1.1", April 2006.
5. IETF RFC 4366. Blake-Wilson, S., Nystrom, M., Hopwood, D., Mikkelsen, J., and T. Wright, "Transport Layer Security (TLS) Extensions", April 2006.
6. IETF RFC 4507. Salowey, J., Zhou, H., Eronen, P., and H. Tschofenig, "Transport Layer Security (TLS) Session Resumption without Server-Side State", May 2006.
7. IETF RFC 4680. Santesson, S., "TLS Handshake Message for Supplemental Data", October 2006.
8. IETF RFC 4681. Santesson, S., Medvinsky, A., and J. Ball, "TLS User Mapping Extension", October 2006.
9. IETF RFC 5077. Salowey, J., Zhou, H., Eronen, P., and H. Tschofenig, "Transport Layer Security (TLS) Session Resumption without Server-Side State", January 2008.
10. IETF RFC 5246. Dierks, T. and E. Rescorla, "The Transport Layer Security (TLS) Protocol Version 1.2", August 2008.
11. IETF RFC 5746. E. Rescorla, M. Ray, S. Dispensa, N. Oskov. Transport Layer Security (TLS) Renegotiation Indication Extension. February 2010.
12. Bourdonov I., Kossatchev A., Kuliamin V., Petrenko A. UniTesK Test Suite Architecture // Proceedings of FME, LNCS 2391. Springer-Verlag, 2002. P. 77-88.
13. Bourdonov I.B., Demakov A.V., Jarov A.A., Kossatchev A.S., Kuliamin V.V., Petrenko A.K. and Zelenov S.V. Java Specification Extension for Automated Test Development // Proceedings of PSI’2001. Novosibirsk, Russia July 2-6 2001, LNCS 2244:301-307. Springer-Verlag, 2001.
14. Н.В. Пакулин. Формализация стандартов и тестовых наборов протоколов Интернета. Автореферат диссертации на соискание учёной степени кандидата физико-математических наук. Москва, 2006.
15. Н.В. Пакулин, А.В. Хорошилов "Разработка формальных моделей и тестирование соответствия для систем с асинхронными интерфейсами и телекоммуникационных протоколов", Журнал "Программирование" № 5, 2007 г., ISSN 0132-3474, с. 1-29.
16. А.В. Никешин, Н.В. Пакулин, В.З. Шнитман "Разработка тестового набора для верификации реализаций протокола безопасности IPsec v2", Труды Института системного программирования РАН, т. 18, 2010, стр. 151-182.
17. А.В. Никешин, Н.В. Пакулин, В.З. Шнитман "Верификация функций безопасности протокола IPsec v2", Журнал "Программирование" № 1, 2011, стр. 36-56.
Review
For citations:
Nikeshin A.V., Pakulin, N.V., Shnitman. V.Z. Test Suite development for verification of TLS security protocol. Proceedings of the Institute for System Programming of the RAS (Proceedings of ISP RAS). 2012;23. (In Russ.) https://doi.org/10.15514/ISPRAS-2012-23-22
Email this article 