Publication Details

SSL/TLS Interception Workshop (TLS1.3 edition)

PLUSKAL, J. SSL/TLS Interception Workshop (TLS1.3 edition). Dubai: 2020. p. 0-0.
Czech title
Workshop na analýzu obsahu SSL/TLS (edice TLS 1.3)
Type
presentation
Language
English
Authors
Pluskal Jan, Ing., Ph.D. (DIFS)
Keywords

SSL, TLS, MitmM

Abstract

The presentation introduces methods for intercepting TLS/SSL connections. The
focus is on man-in-the-middle attack employing proxy and other ways how to obtain
unencrypted content of the TLS/SSL session. Speakers outline necessary theory
(including news about TLS 1.3), well-known attacks (e.g., renegotiation,
downgrade, cipherspec change, and others) and industry-standard tools (such as
Wireshark, NetFox Detective, Fiddler Proxy and SSL-Split). The session also
includes a live demonstration of the MitM attack on HTTPS connections enhanced
with form-logging JavaScript injection. Participants will receive free of charge
access to the testbed, which consists of real devices (and their traffic),
including the prototype of our hardware probe decrypting SSL/TLS on-the-fly.

Published
2020
Pages
60
Place
Dubai
BibTeX 
@misc{BUT176593,
  author="Jan {Pluskal}",
  title="SSL/TLS Interception Workshop (TLS1.3 edition)",
  year="2020",
  pages="60",
  address="Dubai",
  note="presentation"
}
Back to top