Section: New Software and Platforms

flexTLS

Participants : Karthikeyan Bhargavan [correspondant] , Alfredo Pironti, Benjamin Beurdouche.

flexTLS is a TLS testing framework based on miTLS, and is released as part of the miTLS distribution. Unlike miTLS, flexTLS can be configured to run incorrect TLS clients and servers in order to test other TLS implementations. Using flexTLS we analyzed a series of open source TLS implementations and found important vulnerabilities like SKIP and FREAK. We also used flexTLS to build proof-of-concept demos for other attacks such as Logjam.

A paper describing flexTLS was published at Usenix WOOT 2015. The software and associated research materials are available from http://mitls.org .