Exploring the Vulnerabilities and Countermeasures of SSL TLS Protocols in Secure Data Transmission Over Computer Networks
The 12th IEEE International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications
7-9 September, 2023, Dortmund, Germany
Abstract—The expansion of computer networks and the increase in information sharing over the internet platform have raised the issue of data security during transmission. SSL (Secure Socket Layer) and its more secure and updated version, TLS (Transport Layer Security), are encryption and authentication protocols designed for secure communication over computer networks. Unfortunately, the SSL/TLS protocol structure established to ensure the security of the transmitted data has become a target for malicious attackers. This article will discuss the versions of the SSL/TLS protocols, their operational structure, weaknesses in the SSL/TLS protocol, the attacks carried out through these weaknesses, and the measures that can be taken against them.

Keywords—computer network; TLS; secure data transmission; network attacks

I. INTRODUCTION

TLS (Transport Layer Security) is a widely used security protocol designed to protect the confidentiality and integrity of data transmitted over the internet. TLS establishes a secure connection and ensures that the data people send and receive is encrypted for transmission over the network, so that it is scrambled and unreadable to anyone who might try to intercept it. TLS secures many internet communications, including email, file transfers, and online transactions. It is vital for protecting sensitive information, such as passwords and financial data. In addition to protecting the confidentiality of sent and received data, TLS also helps to ensure the integrity of the information people send and read over the internet. This means it helps prevent someone from altering the data in transit, ensuring that the receiver gets the same data the sender sent. Overall, TLS is an essential tool for protecting internet communications and helping to keep people's sensitive information safe.

Today's developments in the internet world enable the fastest possible access to information, both in individual and institutional terms, while providing end-to-end communication and online transactions. However, they also bring certain security risks. Data transmitted over the internet infrastructure can contain confidential and sensitive content. The SSL/TLS protocol is used to protect data transmission. SSL stands for Secure Sockets Layer and is a cryptographic encryption protocol that enables the encryption and authentication process between the client and server. The TLS protocol, previously known as SSL, encrypts communication between clients and servers on the web [1]. TLS, which stands for Transport Layer Security, can be defined as an advanced version of the SSL protocol [2]. However, both protocols are still commonly referred to by the generic term SSL. The TLS protocol provides encryption, authentication, and data integrity. The security of the TLS protocol is based on robust, well-established cryptographic algorithms [3].

SSL and its successor, TLS, are widely used protocols for securing communication over the internet. However, despite their widespread use and their high level of security, SSL/TLS has several weaknesses that can leave encrypted communication vulnerable to attacks. One such weakness is the susceptibility of SSL/TLS to man-in-the-middle (MITM) attacks, in which an attacker intercepts the communication between two parties and alters it. Another weakness is the lack of proper certificate validation, which can result in an attacker obtaining a valid SSL/TLS certificate for a malicious website and stealing sensitive information from unsuspecting victims. Additionally, the use of weak encryption algorithms and outdated versions of SSL/TLS can also result in vulnerabilities. Furthermore, using SSL/TLS does not guarantee the website's authenticity, as an attacker can mimic the website and steal sensitive information.
Authorized licensed use limited to: Mukesh Patel School of Technology & Engineering. Downloaded on April 08,2025 at 14:46:49 UTC from IEEE Xplore. Restrictions apply.
II. RELATED WORK

When the literature is examined, A. Aayush et al. [4] explained how the communication between the client and server is performed based on the HTTPS protocol and discussed the cryptographic vulnerabilities of the system. On the other hand, O. Ivanov et al. [5] extensively discussed the TLS protocol versions and the differences between these versions. Vulnerabilities in the TLS protocol, such as BEAST, CRIME, BREACH, and DROWN, were identified, and the measures that can be taken were explained. P. Sirohi et al. [6] chronologically arranged the attacks on the SSL/TLS protocol in the last 22 years. It was emphasized that there are current attacks on the SSL/TLS protocol and that security measures need to be taken. Another study by T. Radivilova et al. [7] revealed vulnerabilities by discussing the tools and methods that analyze SSL/TLS traffic and check whether the traffic is malicious. J. urguz [8] analyzed the SSL/TLS protocol vulnerabilities in their study. These studies highlight the importance of exploring the vulnerabilities and countermeasures of SSL/TLS protocols in secure data transmission over computer networks. Berbecaru et al. [9] propose a TLS-Monitor tool to detect and prevent TLS attacks. This tool monitors network traffic, detects potential vulnerabilities, and prevents attacks by taking the necessary measures. The tool has been applied and tested for selected attack scenarios. Platenka et al. [10] created Padding Oracle attack models using various SSL/TLS protocol versions with the CipherCAD application. These models have been tested on randomly selected servers to identify weak points that might enable attacks due to poorly implemented protocols. Kumari and Mohapatra [11] examined the performance of the TLS 1.3 protocol, its advantages compared to TLS 1.2, and its potential for improvement. Although TLS 1.3 demonstrated successful efficiency, security, and interaction performance, they emphasize that specific vulnerabilities still exist in current techniques and that improvements are needed to align TLS 1.3 with the targeted standards.

III. SSL/TLS WORKING MECHANISM

TLS is a protocol that provides secure communication over a computer network and is widely used to secure internet communications, including email, file transfers, and Voice-over IP (VoIP). The TLS protocol establishes a secure connection between two parties, a client and a server. The connection is established using a handshake process, during which the parties exchange messages to establish the details of the connection, such as the protocols and cryptographic algorithms used. Once the connection is established, the parties can communicate securely over the network by exchanging encrypted messages. The encryption keys used to encrypt and decrypt the messages are generated during the handshake process and are unique to that connection. In summary, the TLS protocol provides a mechanism for establishing a secure connection between two parties and exchanging encrypted messages. Correspondingly, it helps to ensure the exchanged messages' confidentiality, integrity, and authenticity.

A. SSL/TLS Protocol Structure

The SSL/TLS protocol is composed of two layers and several protocols. As shown in Fig. 1, the SSL/TLS protocols work between the application layer and the transport layer [12]. The SSL/TLS protocol consists of the handshake layer and the record layer. The handshake layer contains the Handshake, Change Cipher Spec, and Alert protocols, while the record layer contains the Record protocol. The SSL/TLS protocol is widely used in web sites and web applications along with the HTTP protocol. In addition, it is used by many other services and protocols such as email (SMTP, POP, and IMAP protocols), FTP, virtual private networks (SSL/TLS VPNs), and network devices.

Figure 1. SSL/TLS Protocol Layers [13]

The Record protocol ensures the secure connection by encapsulating the other protocols. The Handshake protocol is the protocol in which client and server authentication is performed. Before data communication, it establishes the encryption keys that the encryption algorithms will use. Communication between the server and client using encrypted data is achieved through the SSL/TLS Handshake protocol [15].

The handshake process is explained in the following steps [13]:
• The client sends a Hello message to the server. The Hello message contains information such as RandomNumber, SessionID, Ciphersuite, ClientTLSversion, and CompressionMethod.
• The server receives the Hello message from the client and sends a modified Hello message to the client, changing the CipherSuite and RandomNumber information.
• The client responds with a key exchange message to establish communication for the session.
• The client sends the ChangeCipherSpec message to the server to indicate that its future messages will be encrypted and authenticated.
• Secure communication between client and server starts with the Finished message.
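The fields of the first handshake step (client version, random, session ID, cipher suites, compression methods) are laid out on the wire in exactly that order. The following Python example is added here and is not code from the paper: it serializes and parses a ClientHello record and reports the two offers a passive monitor would flag, a protocol version below TLS 1.2 and TLS-level compression. The sample ClientHello is constructed by build_client_hello(), the cipher suite table is a constructed subset of the IANA registry, and the supported_versions extension (type 0x002B) is read because TLS 1.3 clients list their real version offers there rather than in the legacy version field.

```python
"""Parse a TLS ClientHello record into the fields the handshake description
lists (client version, random, session ID, cipher suites, compression
methods) and flag legacy offers a passive monitor would care about.

Added example, not code from the paper. Standard library only; the sample
ClientHello is constructed by build_client_hello(), not captured."""
import struct

HANDSHAKE_RECORD = 0x16
CLIENT_HELLO = 0x01
SUPPORTED_VERSIONS_EXT = 0x002B   # carries the real version list of TLS 1.3 clients

VERSION_NAMES = {0x0300: "SSL 3.0", 0x0301: "TLS 1.0", 0x0302: "TLS 1.1",
                 0x0303: "TLS 1.2", 0x0304: "TLS 1.3"}

# Constructed subset of IANA cipher suite codes, only used to name suites.
SUITE_NAMES = {
    0x0005: "TLS_RSA_WITH_RC4_128_SHA",
    0x000A: "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    0x1301: "TLS_AES_128_GCM_SHA256",
}


def _u8(buf, pos):
    if pos >= len(buf):
        raise ValueError("truncated ClientHello")
    return buf[pos]


def _u16(buf, pos):
    if pos + 2 > len(buf):
        raise ValueError("truncated ClientHello")
    return struct.unpack("!H", buf[pos:pos + 2])[0]


def parse_client_hello(record: bytes) -> dict:
    """Decode one handshake record holding a ClientHello; ValueError otherwise."""
    if len(record) < 5 or record[0] != HANDSHAKE_RECORD:
        raise ValueError("not a TLS handshake record")
    body = record[5:5 + _u16(record, 3)]
    if len(body) < 4 or body[0] != CLIENT_HELLO:
        raise ValueError("not a ClientHello")
    hello = body[4:4 + int.from_bytes(body[1:4], "big")]
    pos = 0
    client_version = _u16(hello, pos); pos += 2
    random = hello[pos:pos + 32]; pos += 32
    sid_len = _u8(hello, pos); pos += 1
    session_id = hello[pos:pos + sid_len]; pos += sid_len
    cs_len = _u16(hello, pos); pos += 2
    suites = [_u16(hello, i) for i in range(pos, pos + cs_len, 2)]; pos += cs_len
    cm_len = _u8(hello, pos); pos += 1
    compression = list(hello[pos:pos + cm_len]); pos += cm_len
    extensions = {}
    if pos < len(hello):                            # extension block is optional
        end = min(len(hello), pos + 2 + _u16(hello, pos)); pos += 2
        while pos + 4 <= end:
            etype, elen = _u16(hello, pos), _u16(hello, pos + 2); pos += 4
            extensions[etype] = hello[pos:pos + elen]; pos += elen
    # TLS 1.3 clients put their offers in supported_versions (1-byte list length,
    # then 2-byte versions); older clients only have the legacy version field.
    sv = extensions.get(SUPPORTED_VERSIONS_EXT)
    offered = sorted(_u16(sv, i) for i in range(1, 1 + sv[0], 2)) if sv else [client_version]
    return {
        "client_version": VERSION_NAMES.get(client_version, hex(client_version)),
        "random": random,
        "session_id": session_id,
        "cipher_suites": [SUITE_NAMES.get(s, f"0x{s:04X}") for s in suites],
        "compression_methods": compression,
        "offered_versions": [VERSION_NAMES.get(v, hex(v)) for v in offered],
        "_offered_codes": offered,
    }


def audit_client_hello(hello: dict) -> list:
    """Findings a monitor would raise: rollback exposure and CRIME exposure."""
    findings = []
    if min(hello["_offered_codes"]) < 0x0303:
        findings.append("offers protocol version below TLS 1.2: "
                        + ", ".join(hello["offered_versions"]))
    if any(m != 0 for m in hello["compression_methods"]):   # 0 = null compression
        findings.append("offers TLS-level compression (CRIME exposure)")
    return findings


def build_client_hello(client_version, session_id, suites, compression,
                       supported_versions=None, random=bytes(32)) -> bytes:
    """Serialize a ClientHello record (constructed sample input; zero random)."""
    hello = struct.pack("!H", client_version) + random
    hello += bytes([len(session_id)]) + session_id
    hello += struct.pack("!H", 2 * len(suites)) + b"".join(struct.pack("!H", s) for s in suites)
    hello += bytes([len(compression)]) + bytes(compression)
    if supported_versions:
        vers = b"".join(struct.pack("!H", v) for v in supported_versions)
        ext = struct.pack("!HH", SUPPORTED_VERSIONS_EXT, len(vers) + 1) + bytes([len(vers)]) + vers
        hello += struct.pack("!H", len(ext)) + ext
    hs = bytes([CLIENT_HELLO]) + len(hello).to_bytes(3, "big") + hello
    return bytes([HANDSHAKE_RECORD]) + struct.pack("!HH", 0x0301, len(hs)) + hs


if __name__ == "__main__":
    sample = build_client_hello(0x0303, b"\x11" * 8, [0xC02F, 0x0005, 0x1301],
                                [0x00, 0x01], supported_versions=[0x0304, 0x0303])
    fields = parse_client_hello(sample)
    for key, value in fields.items():
        if not key.startswith("_"):
            print(f"{key}: {value}")
    print("findings:", audit_client_hello(fields))
```

The parser deliberately uses the minimum offered version, not the legacy field alone: a TLS 1.3 client sets the legacy field to TLS 1.2 for compatibility, so the version policy must be judged on the supported_versions list when it is present.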
B. Session Resumption

Session renewal may be requested by the server or the client.

1) The server wants to refresh the session: When responding to the ClientHello message, the server conveys to the client, through the ServerHello message, the SessionID that was assigned to the session when it was first established. This information allows the server and client to quickly start the session by using the key sharing information from a previous handshake.

2) The client wants to renew the session: The client sends the SessionID information to the server in the ClientHello message. If the server returns the same SessionID in the ServerHello message, the server has accepted the session for renewal. The server and client create a new key value from the previously agreed master secret value. This way, the network load is reduced and handshaking is performed faster [16].

C. Cipher Suites

A cipher suite is a structure that enables secure communication between client and server, provided both sides support it. Fig. 2 shows the main categories for cipher suites in TLS 1.2. The working sequence for the main categories is: Authentication, Key Exchange, Bulk Cipher-Encryption, Message Authentication Code (MAC) - Hashing Algorithm, in that order.

TABLE I. SSL/TLS CIPHER SUITE ALGORITHMS

Function                  Algorithm
Key Exchange              RSA, Diffie-Hellman (DH), ECDH, ECDHE, SRP, PSK
Authentication            RSA, DSA, ECDSA, PKCS#1 v1.5, RSA-PSS (PKCS#1 v2.1)
Bulk Encryption           RC4, 3DES, AES, CBC
Message Authentication    HMAC-SHA256, HMAC-SHA1, HMAC-MD5

The TLS 1.2 protocol process is indicated to start with ECDHE, where ephemeral keys are exchanged through the Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) algorithm during the handshake. RSA manages the authentication process. AES_128_GCM is the bulk encryption algorithm, running AES with a 128-bit key in Galois Counter Mode (GCM), and SHA-256 is the hashing algorithm used. The TLS 1.3 cipher suite structure is simpler: there are only two algorithms in the cipher suite, the encryption algorithm and the hash. Less communication between the client and server during the TLS handshake results in a faster handshake. There are two ways to combine MACs and CBC mode ciphers: the plaintext is encrypted first and the MAC is then computed over the ciphertext, or the MAC is computed over the plaintext first and then everything is encrypted. In TLS 1.3, the use of AEAD ciphers, which combine encryption and integrity in a single seamless process, and of RSA-PSS (PKCS#1 v2.1) instead of PKCS#1 v1.5 increases the security of the cipher suite.
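The four categories above and the algorithms of Table I can be read directly off an IANA cipher suite name, which is how a scanner decides whether a suite is acceptable. The following Python example is added here and is not the paper's code: decompose() splits a TLS 1.2-style name (TLS_<key exchange>_<authentication>_WITH_<bulk cipher>_<hash>) or a TLS 1.3-style name (TLS_<bulk cipher>_<hash>, with key exchange and authentication negotiated separately) into those categories, and classify() applies a constructed policy that flags the legacy entries of Table I (RC4, 3DES, MD5/SHA-1 MACs, CBC mode, export and static key exchange, anonymous suites).

```python
"""Decompose an IANA cipher suite name into the four categories of Fig. 2
(key exchange, authentication, bulk cipher, MAC/hash) and flag the legacy
algorithms of Table I. Added example, not the paper's code; the policy in
classify() is constructed for illustration."""

AEAD_MODES = ("GCM", "CCM", "POLY1305")
MAC_HASHES = {"MD5", "SHA", "SHA256", "SHA384"}   # "SHA" alone means SHA-1


def decompose(name: str) -> dict:
    """Split TLS_<kex>_<auth>_WITH_<cipher>_<hash> (TLS 1.2 style) or
    TLS_<cipher>_<hash> (TLS 1.3 style, kex/auth negotiated separately)."""
    if not name.startswith("TLS_"):
        raise ValueError("not a TLS cipher suite name")
    body = name[4:]
    if "_WITH_" in body:
        left, right = body.split("_WITH_", 1)
        tokens = left.split("_")
        export = "EXPORT" in tokens
        tokens = [t for t in tokens if t != "EXPORT"]
        if tokens[0] == "SRP":             # SRP_SHA_RSA: drop SRP's own hash token
            tokens = ["SRP"] + tokens[2:]
        kex = tokens[0]
        auth = tokens[1] if len(tokens) > 1 else tokens[0]   # TLS_RSA_WITH_...: RSA does both
    else:                                  # TLS 1.3 suite
        right, kex, auth, export = body, None, None, False
    parts = right.split("_")
    mac_hash = parts[-1] if parts[-1] in MAC_HASHES else None
    cipher = "_".join(parts[:-1] if mac_hash else parts)
    if any(m in cipher for m in AEAD_MODES):
        mode = "AEAD"
    elif "CBC" in cipher:
        mode = "CBC"
    elif cipher.startswith("RC4"):
        mode = "stream"
    else:
        mode = "none" if cipher == "NULL" else "other"
    return {"key_exchange": kex, "authentication": auth, "export": export,
            "bulk_cipher": cipher, "mode": mode, "mac_hash": mac_hash}


def classify(name: str) -> dict:
    """Decomposition plus policy findings; an empty findings list means acceptable."""
    d = decompose(name)
    findings = []
    if d["export"]:
        findings.append("export-grade key exchange (FREAK/Logjam class)")
    if d["key_exchange"] in ("RSA", "DH", "ECDH"):
        findings.append(f"static {d['key_exchange']} key exchange, no forward secrecy")
    if d["authentication"] == "anon":
        findings.append("anonymous suite, no server authentication")
    cipher = d["bulk_cipher"]
    if cipher == "NULL":
        findings.append("NULL cipher, no confidentiality")
    elif cipher.startswith("RC4"):
        findings.append("RC4 stream cipher")
    elif "DES" in cipher:
        findings.append("DES/3DES, 64-bit block cipher")
    if d["mode"] == "CBC":
        findings.append("CBC with MAC-then-encrypt (BEAST/Lucky 13/POODLE class)")
    if d["mac_hash"] in ("MD5", "SHA") and d["mode"] != "AEAD":
        findings.append("HMAC-SHA1 record MAC" if d["mac_hash"] == "SHA" else "HMAC-MD5 record MAC")
    d["findings"] = findings
    return d


if __name__ == "__main__":
    for suite in ("TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
                  "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
                  "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
                  "TLS_AES_256_GCM_SHA384"):
        result = classify(suite)
        print(suite, "->", result["findings"] or "acceptable")
```

Note that OpenSSL-style names (ECDHE-RSA-AES128-GCM-SHA256) follow a different grammar; sslscan and testssl, discussed in Section VII, print both forms, so a scanner normally keys its policy on the IANA name.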
Figure 2. Working Order of Cipher Suites Main Categories

Authentication specifies how the server and client will perform authentication. Key Exchange determines the way symmetric keys will be exchanged. Bulk Cipher-Encryption specifies which symmetric key algorithm will be used to encrypt the actual data. Message Authentication Code (MAC) - Hashing Algorithm specifies the method used to perform data integrity checks for the connection.

Table I shows the algorithms used in the Cipher Suite.

IV. VULNERABILITIES AND PRECAUTIONS ON THE SSL/TLS PROTOCOL

Although the SSL/TLS protocol protects data, security vulnerabilities in the protocol make it weaker and can lead to man-in-the-middle attacks. The security vulnerabilities in the SSL/TLS protocol and the attacks that exploit these vulnerabilities are discussed below, along with the measures taken against them. There are a few known cryptographic weaknesses in SSL/TLS, the protocols used to secure internet communications. Some of the most notable ones include Poodle, Heartbleed, Freak, and Logjam.

A. Version Rollback Policy

It is generally not a good idea to allow version rollback, as it can introduce system vulnerabilities. When a new software version is released, it typically includes security fixes and other updates that address known issues. Allowing users to roll back to an older software version means they will no longer have access to these security updates, potentially leaving their systems open to attack. Instead of allowing version rollback, it is generally recommended to encourage users to update their software. This ensures that they have the latest security fixes and other updates, which can help to protect their systems against known vulnerabilities.
Examples of these attacks include the Poodle, Freak, Beast, and Sloth attacks.

Poodle (Padding Oracle On Downgraded Legacy Encryption): This vulnerability allows an attacker to decrypt certain parts of an SSL/TLS session by repeatedly sending specially crafted packets to the server and exploiting a weakness in the way the server handles padding bytes. An attack that aims to downgrade the TLS connection to SSL 3.0 is carried out first. After the connection is downgraded, an attacker only needs to make 256 requests over SSL 3.0 to break one byte of encrypted communication. This vulnerability led to the widespread removal of SSL 3.0 from use on the internet [5].

Sloth: This attack is carried out by forcing the client or server in the TLS 1.2 client authentication process to downgrade to weaker hash algorithms such as MD5 and SHA1 [17].

Freak (Factoring Attack on RSA-EXPORT Keys): This vulnerability allows an attacker to force a client and server to use a weaker version of the RSA cipher, which can then be easily broken. Attackers make the server switch from a standard RSA cipher suite to an export-class cipher suite, instead of fully downgrading the protocol version. This is targeted towards SSL and TLS applications that allow export-grade encryption, which use RSA encryption more frequently. When the server switches to a less secure cipher suite, attackers can obtain the decryption key, decrypt the traffic, and inject traffic of their own [8].

Logjam: The Diffie-Hellman key exchange is a widely used method for securely exchanging cryptographic keys [8]. This attack is launched against servers using TLS with Diffie-Hellman key exchange. Attackers using the man-in-the-middle approach force the server to use the 512-bit Diffie-Hellman key exchange in the TLS protocol.

Beast: The BEAST (Browser Exploit Against Advanced Evasion Techniques) attack is a vulnerability that affects the SSL 3.0 and TLS 1.0 protocols. This attack aims at network security vulnerabilities in TLS 1.0 and the SSL versions. The attacker exploits the cipher-block chaining (CBC) mode encryption to decrypt the content of an SSL or TLS encrypted session. It allows an attacker to decrypt certain parts of an encrypted communication by forcing the client and server to use a vulnerable version of the TLS protocol.

The RC4 attack discussed in the next subsection affected the RC4 cipher when used in conjunction with the SSL 3.0 and TLS 1.0 protocols. While it has been largely mitigated by using newer versions of TLS, such as TLS 1.1 and TLS 1.2, which do not use RC4, it is still a concern for systems that continue to use SSL 3.0 or TLS 1.0. The symmetric encryption used in SSL version 3.0 is the RC4 stream cipher. The RC4 method is considered insecure because it leaks information when the same message is encrypted multiple times.

B. Cipher Suite/Legacy Cipher Suites

The older versions of the SSL/TLS protocol have weaker encryption algorithms. This leads to the weakening of the protocol over time [4]. The RC4 attack was carried out exploiting this vulnerability.

RC4: The RC4 (Rivest Cipher 4) attack is a vulnerability that affects the RC4 cipher, a widely used cryptographic algorithm. The attack allows an attacker to recover the key used to encrypt data by analyzing patterns in the encrypted data. The vulnerability was discovered in 2013.

C. Compression

Compression algorithms work by removing repetitions. If a character in the main text repeats two or more times, the compressed text includes the symbol of the character, its frequency in the original text, and its location. In compression algorithms, frequently repeating characters are replaced with shorter symbols (less than one byte), while rare characters are replaced with larger symbols (more than one byte) [18]. The Crime and Breach attacks were carried out exploiting this vulnerability.

Crime Attack: The SSL/TLS protocols use data compression formats such as DEFLATE and gzip [6]. Crime attacks are brute force attacks that exploit a leak in compressed SSL/TLS communications.

Breach Attack: The Breach attack takes advantage of compression algorithms used in the SSL/TLS protocol, similar to the Crime attacks. The difference between Crime attacks and Breach attacks is that Breach attacks target HTTP compression, attacking HTTP responses [17]. TLS is commonly used to secure web traffic and other types of internet communication, but attacks such as BREACH, which target the security protocols that protect internet communications, can still be carried out against it.

D. Time Delay Response

The Timing Attack is an attack that looks at how long it takes a system to perform an operation and uses statistical analysis to find the correct password or decryption key and gain access. The only information the attacker needs is the timing information generated by the application's algorithms. The attacker can guess the correct input by providing various inputs to the application, timing the process, and analyzing the information statistically. The Lucky 13 attack was carried out taking advantage of this vulnerability. The Lucky 13 attack is a timing attack that can be used against implementations of the TLS protocol using the CBC mode of operation. In a session with a cipher suite using CBC, small timing differences occur during the decryption process. The Lucky 13 attack exploits these timing differences.
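The timing differences that Lucky 13 exploits come from a record check that stops early when the padding is wrong and only computes the MAC when the padding is right. The following Python example is added here and is not the paper's code: it shows a naive MAC-then-pad record check beside one structured the way the Lucky 13 fix requires (a fixed scanning window, no early exit, the MAC always computed, one generic failure code). AES-CBC decryption is omitted because the standard library has no AES; both functions take the already-decrypted record, which protect() constructs, and the MAC key and record header values are constructed sample input. CPython is not itself constant-time, so the point is the structure, not the measured timing.

```python
"""TLS 1.2 CBC record check (MAC-then-pad-then-encrypt) written so that a bad
padding byte and a bad MAC take the same code path and return the same
result: the Lucky 13 mitigation. Added example, not the paper's code.
AES-CBC decryption is omitted (no AES in the standard library); the functions
work on the already-decrypted record, which protect() constructs."""
import hashlib
import hmac
import secrets

BLOCK = 16          # AES block size
MAC_LEN = 32        # HMAC-SHA256 output


def _header(seq: int, ctype: int, version: bytes, length: int) -> bytes:
    # The TLS record MAC covers the sequence number and the record header.
    return seq.to_bytes(8, "big") + bytes([ctype]) + version + length.to_bytes(2, "big")


def protect(mac_key, seq, ctype, version, plaintext: bytes) -> bytes:
    """Sender side: MAC the plaintext, then apply TLS padding (pad byte value
    = padding length, repeated length+1 times). Returns what CBC would encrypt."""
    mac = hmac.new(mac_key, _header(seq, ctype, version, len(plaintext)) + plaintext,
                   hashlib.sha256).digest()
    body = plaintext + mac
    pad_len = (BLOCK - (len(body) + 1) % BLOCK) % BLOCK
    return body + bytes([pad_len]) * (pad_len + 1)


def naive_verify(mac_key, seq, ctype, version, decrypted: bytes):
    """The oracle: distinct error codes, and a bad-padding record is rejected
    before any MAC work is done, so it fails measurably faster."""
    pad_len = decrypted[-1]
    if pad_len + 1 + MAC_LEN > len(decrypted) or \
            decrypted[-pad_len - 1:] != bytes([pad_len]) * (pad_len + 1):
        return None, "bad_padding"
    data = decrypted[:-pad_len - 1]
    plaintext, mac = data[:-MAC_LEN], data[-MAC_LEN:]
    expect = hmac.new(mac_key, _header(seq, ctype, version, len(plaintext)) + plaintext,
                      hashlib.sha256).digest()
    if mac != expect:
        return None, "bad_mac"
    return plaintext, "ok"


def verify(mac_key, seq, ctype, version, decrypted: bytes):
    """Single generic failure, MAC always computed, padding scanned over a fixed
    window with a mask instead of an early exit."""
    n = len(decrypted)
    if n % BLOCK != 0 or n < MAC_LEN + 1:
        return None, "bad_record_mac"     # the length is public, not a secret-dependent branch
    pad_len = decrypted[-1]
    good = 1 if pad_len + 1 + MAC_LEN <= n else 0
    pad_len *= good                        # an impossible length is treated as zero padding
    # Scan the last min(256, n) bytes regardless of pad_len; only positions inside
    # the padding contribute, selected by a mask rather than by a branch.
    for i in range(1, min(256, n) + 1):
        inside = ((i - pad_len - 2) >> 31) & 1      # 1 if i <= pad_len + 1
        mask = -inside & 0xFF
        good &= int(((decrypted[n - i] ^ pad_len) & mask) == 0)
    plen = n - MAC_LEN - (pad_len + 1)
    plaintext, mac = decrypted[:plen], decrypted[plen:plen + MAC_LEN]
    expect = hmac.new(mac_key, _header(seq, ctype, version, plen) + plaintext,
                      hashlib.sha256).digest()
    good &= int(hmac.compare_digest(mac, expect))   # constant-time compare
    return (plaintext, "ok") if good else (None, "bad_record_mac")


if __name__ == "__main__":
    key, version = secrets.token_bytes(32), b"\x03\x03"     # constructed session values
    rec = protect(key, 1, 23, version, b"hello world")
    bad_pad = rec[:-1] + bytes([rec[-1] ^ 0x80])
    print("naive:   ", naive_verify(key, 1, 23, version, bad_pad)[1])
    print("hardened:", verify(key, 1, 23, version, bad_pad)[1])
```

In a C implementation the same structure is what makes the check's running time independent of where the record failed; the AEAD suites of Table II remove the problem entirely, because there is no padding check separate from the authentication tag.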
E. Data Padding

The data padding problem for SSL/TLS protocols refers to a security vulnerability that arises from how data is padded or expanded before being encrypted by the protocol. In SSL/TLS protocols, data is padded to ensure that encrypted data has the same length, making it harder to detect patterns in the data and thus making it more difficult for attackers to mount specific attacks. However, if padding is implemented in a predictable or vulnerable manner, an attacker may exploit the vulnerability to uncover information about the encrypted data.

HeartBleed: This vulnerability is a security flaw found in versions 1.0.1 and 1.0.1f of the widely used OpenSSL library for TLS implementation [19]. The Heartbeat extension it exploits is a feature that helps control the connections between client and server. The attacker can fool the other party by claiming that the data being sent has a false length, causing the responding party to attempt to send data of the length specified by the attacker, thereby revealing sensitive information such as user names and passwords from the responding party's RAM [5], [16].

Robot: An attack that allows an attacker to make a TLS server perform RSA decryption and signature operations with the server's private key [5]. This attack exploits weaknesses in the implementation of the SSL/TLS protocols, specifically in the handling of error messages, to perform a man-in-the-middle attack and steal sensitive information.

Drown: Decrypting RSA with Obsolete and Weakened eNcryption is a type of cyber attack that targets servers using the SSL or TLS protocols. The attack takes advantage of a vulnerability in SSL version 2.0, which is an outdated version of the SSL protocol. DROWN works by exploiting the use of outdated encryption ciphers, weak encryption keys, and poor implementation practices, which can allow an attacker to break the encryption used by the server and steal sensitive information. DROWN attacks can be prevented by disabling SSL v2.0, using stronger encryption ciphers, and implementing best practices for secure configuration of SSL/TLS protocols.

V. THE COUNTERMEASURE FOR TLS ATTACKS

There are several measures that can be taken to protect against TLS attacks:

Use strong, up-to-date encryption: The use of robust and up-to-date encryption refers to employing cryptographic algorithms with a high level of security to protect data transmitted over the internet. Encryption is a method of converting plaintext data into an unreadable ciphertext format, which helps to protect the confidentiality and integrity of the data. Using robust and up-to-date encryption makes it much harder for attackers to intercept or alter data in transit, even if they can gain access to the network.

Table II shows attacks against the SSL/TLS protocol and the precautions that can be taken against these attacks.

TABLE II. ATTACK AND PRECAUTIONS

Attack        Precautions
Poodle        Disabling support for SSL 3.0
Sloth         Discontinuing use of weak hash algorithms like MD5 and SHA1
Freak         Rejecting RSA_EXPORT cipher suites at the server side
Logjam        Discontinuing use of DHE_EXPORT algorithm
Beast         Not using SSL 3.0 or lower versions or TLS 1.0 at the server side, and not using CBC mode with block ciphers
RC4           Not using RC4 encryption algorithm
Crime         Disabling SSL/TLS compression
Breach        Disabling HTTP compression
Lucky 13      Adding random time delays to cipher-block chaining mode decryption to prevent statistical analysis, and using AEAD ciphers like AES-GCM
HeartBleed    Not responding to Heartbeat messages by the server/client, and discontinuing use of OpenSSL library versions 1.0.1 and 1.0.1f
Robot         Discontinuing use of RSA encryption algorithm
Drown         Disabling support for SSL 2.0

Use trusted SSL/TLS certificates: Using trusted SSL/TLS certificates ensures that the website or server the computers are communicating with is authentic and not an impostor. Trusted SSL/TLS certificates are issued by third-party certificate authorities, who have verified the identity of the website or server owner. Using a trusted SSL/TLS certificate, the computers can be assured that the website or server they are communicating with is who it claims to be and that their sensitive information, such as passwords and financial data, is transmitted securely and protected from malicious actors. In addition, trusted SSL/TLS certificates also provide encryption of the transmitted data, which helps to protect the confidentiality of the information being sent and received over the internet.

Enable HTTPS: HTTPS (Hypertext Transfer Protocol Secure) is a protocol for secure internet communication. It provides a secure and encrypted connection between the user's web browser and the website they are visiting. The encrypted connection ensures that any information transmitted between the browser and website, such as login credentials or sensitive data, is protected from eavesdropping or tampering by third parties. HTTPS also helps to prevent man-in-the-middle attacks, as the encryption ensures that a third party cannot intercept and alter the data.
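Several of the Table II precautions (refusing SSL 3.0 and TLS 1.0, disabling TLS compression, dropping RC4, 3DES and MD5 suites) and the certificate validation of the previous two measures can be enforced by a client application in its own TLS configuration. The following Python example is added here and is not the paper's code: it builds such a context with the standard-library ssl module, builds a deliberately lax one for contrast, and audits both. It assumes CPython 3.7 or newer on OpenSSL 1.1.1 or newer; the cipher string is a constructed policy (export-grade suites need no entry because OpenSSL 1.1.0 removed them entirely), and the weak context is for the audit demonstration only.

```python
"""Client-side ssl.SSLContext that enforces the Table II measures an
application can apply itself (no SSL 3.0/TLS 1.0/1.1, no TLS compression,
no RC4/3DES/MD5 suites, certificate validation) plus an audit that reports
deviations. Added example, not the paper's code; assumes CPython 3.7+ with
OpenSSL 1.1.1+. The cipher string is a constructed policy."""
import ssl

# Constructed policy: forward-secret AEAD suites only. The '!' entries are
# already excluded by the positive list; they are spelled out to mirror Table II.
CIPHER_POLICY = "ECDHE+AESGCM:ECDHE+CHACHA20:DHE+AESGCM:!aNULL:!eNULL:!RC4:!3DES:!DES:!MD5"
AEAD_MARKERS = ("GCM", "CCM", "CHACHA20", "POLY1305")   # OpenSSL names of AEAD suites
LEGACY_MARKERS = ("RC4", "DES", "MD5", "EXP", "NULL")    # Table II / Table I legacy algorithms


def hardened_client_context() -> ssl.SSLContext:
    ctx = ssl.create_default_context()              # system CA store, hostname checked
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2    # rollback policy: POODLE/BEAST versions refused
    ctx.options |= ssl.OP_NO_COMPRESSION            # CRIME: no TLS-level compression
    ctx.set_ciphers(CIPHER_POLICY)                  # RC4, 3DES, MD5 and CBC suites gone
    return ctx


def weak_client_context() -> ssl.SSLContext:
    """Deliberately lax context, used only to show what the audit reports."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False                      # must be cleared before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    ctx.options &= ~ssl.OP_NO_COMPRESSION
    return ctx


def audit_context(ctx: ssl.SSLContext) -> list:
    """Return the Table II measures the context does not enforce."""
    findings = []
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("minimum protocol version below TLS 1.2")
    if not ctx.options & ssl.OP_NO_COMPRESSION:
        findings.append("TLS compression not disabled")
    if ctx.verify_mode != ssl.CERT_REQUIRED or not ctx.check_hostname:
        findings.append("certificate or hostname verification disabled")
    for cipher in ctx.get_ciphers():                # suites this context would offer
        name = cipher["name"]
        if any(m in name for m in LEGACY_MARKERS):
            findings.append(f"legacy algorithm in cipher suite {name}")
        elif not any(m in name for m in AEAD_MARKERS):
            findings.append(f"non-AEAD (CBC) cipher suite {name}")
    return findings


if __name__ == "__main__":
    print("hardened:", audit_context(hardened_client_context()) or "no findings")
    for finding in audit_context(weak_client_context()):
        print("weak:    ", finding)
```

The audit reads back what OpenSSL would actually negotiate (get_ciphers()) rather than trusting the policy string, which catches a cipher string that silently matched nothing or a build whose defaults differ.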
Keep software and security protocols up to date: Keeping software and security protocols up to date is a critical step in maintaining computer system security and includes updating the operating system and any other software installed on the system, such as web browsers and other applications. In addition, updating software and security protocols can help to address any newly discovered vulnerabilities that attackers may have exploited to gain unauthorized access to sensitive information.

Train employees to recognize and report potential threats: Educating employees about the importance of internet security and how to recognize potential threats can help to prevent attacks from occurring.

Use a firewall: A firewall is a barrier between a private internal network and the public Internet. By implementing a firewall, the system admin can restrict access to the network from unauthorized sources and prevent attackers from accessing sensitive information transmitted through the TLS protocol.

Use a VPN: A virtual private network (VPN) can help to secure your internet connection by encrypting all traffic and routing it through a secure server.

VI. END TO END PROTECTION VIA TLS

TLS is a secure communication protocol that provides end-to-end protection for data transmission between two hosts. It is important to differentiate between "hop-by-hop" protection and end-to-end protection. Hop-by-hop protection refers to the protection of data between routers as it passes through different networks, whereas end-to-end protection refers to the protection of data from the source to the final destination, bypassing any intermediate network nodes. TLS operates over a TCP connection between two end hosts, providing a secure channel for data transmission, making it an end-to-end secure protocol. With TLS, data is encrypted and decrypted at the source and destination, respectively, ensuring that sensitive information is kept confidential and protected against eavesdropping and tampering.

TLS is a widely used protocol for ensuring secure communication over the internet. It provides a secure channel between two endpoints, such as a client and a server. One of the key features of TLS is the use of certificates from trusted third-party organizations, known as TTPs, as an authentication mechanism. These certificates serve as proof of the identity of the parties involved in the communication and allow them to verify each other's authenticity. This helps prevent man-in-the-middle (MITM) attacks, where an attacker intercepts and potentially modifies communication between the parties. By using certificates, TLS ensures that an attacker should not be able to forge a valid certificate and impersonate one of the parties involved in the communication. This makes TLS an essential component in securing online transactions, such as online banking and e-commerce, where the protection of sensitive information is of utmost importance. With third-party certificates as the authentication mechanism, certificates are issued by a trusted third party (TTP), who acts as a trusted authority and confirms the identity of the parties involved in the communication. In cases where the TTP is offline, there is no bottleneck or single point of failure issue. This ensures the secure flow of information between two parties, even in cases where the TTP is unavailable. The use of TTPs in TLS authentication helps to mitigate security risks and provides a robust defense against cyber-attacks like MITM.

By using a clear address or other identifier as the subject of the certificate, the certificate can be validated during the authentication process. The use of a Public Key Infrastructure (PKI) enables a more scalable trust model compared to other methods like Pre-Shared Key (PSK) or Secure Remote Password (SRP). Despite its benefits, relying solely on a PKI system also leads to centralization and delegates all security responsibilities to a third party, which can lead to potential key escrow problems. To prevent attacks, some form of authentication mechanism based on shared secrets or private/public keys is necessary. However, when it comes to P2P communication, the requirement of having pre-established shared information between peers can be a challenge. Digital certificates, Certification Authorities (CAs), and PKI can help overcome this challenge but still result in centralization issues.

VII. ANALYZING VULNERABILITIES ON SSL/TLS PROTOCOL

Sslscan and Testssl are command-line tools that return a comprehensive list of the protocols and ciphers accepted by an SSL/TLS server on a specified target, as well as other information that is useful in a security test. The sslscan tool is open-source software and a part of the OpenSSL library, and it is command-line based. By providing detailed reports on scan results, sslscan provides important information about the security of servers' SSL/TLS connections. Sslscan can also export scan results in XML format, so that the results can be analyzed later. The target address www.atlascentral.co.uk was identified and used for testing purposes on a Kali Linux machine. An example command and its output, executed on the Kali Linux machine, is shown in Fig. 3. When the command 'sslscan www.atlascentral.co.uk' is executed, information about the security level of the server's SSL/TLS connections is obtained. Upon examining the screenshot in Fig. 3, different colors can be seen in the results obtained with sslscan. Green indicates that the SSL/TLS connection is secure and the SSL/TLS certificate is valid. Yellow indicates that the validity of the SSL/TLS certificate has not yet been verified, but no security vulnerability has been detected. Red indicates that the SSL/TLS connection is insecure, the SSL/TLS certificate is invalid, or there is another security vulnerability.
A. Sslscan Tools

This tool can be run from the command line by specifying the target server's hostname or IP address, for example “sslscan server.example.com”. Sslscan will then perform a scan of the server's SSL/TLS configuration and report the results. The output includes information about the ciphers and protocols that are supported, as well as any vulnerabilities or issues that were detected.

B. Testssl Tools

When the command in Fig. 4 is run on the Kali Linux machine, the screen outputs shown in Fig. 5 and Fig. 6 are obtained. This tool provides information on the SSL/TLS version of the target web address, its cipher suites, and the vulnerabilities found on it.

Figure 4. Testssl Command

Testssl provides the SSL/TLS version information of the target web address, the categories into which the encryption algorithms usable in the SSL/TLS connection are grouped, and the possible vulnerabilities found on it. For example, Fig. 6 shows that the target website is vulnerable to SWEET32, LUCKY13, and LOGJAM attacks. The tools mentioned above have demonstrated successful results regarding the SSL/TLS protocol version, cipher suite information, and potential vulnerabilities associated with a domain or IP address. It is evident, especially from the Testssl tool outputs, that all possible attacks against the site (if any) have been detected.

Figure 6. Testssl Output-2

VIII. CONCLUSION

SSL/TLS has become a standard for authentication and encrypted communication between clients and servers. However, as technology advances, the amount of data shared on the internet increases even more. This increase paves the way for an increase in vulnerabilities in the protocol as well. For this reason, there may be various security vulnerabilities and weaknesses in the SSL/TLS protocol. Therefore, it is essential to test the security of SSL/TLS connections on servers and to detect security vulnerabilities. Also, it should be ensured that the latest versions are effectively used between clients and servers. Tools that analyze vulnerabilities in the SSL/TLS protocol are used to test the security of servers' SSL/TLS connections. These tools detect the SSL/TLS protocols, encryption algorithms, key lengths, and security vulnerabilities that servers support. This increases the security of servers and ensures information security in internet traffic.
of servers and ensures information security in internet traffic. In this study, the tools SSLscan and Testssl have been examined, and analyses have been made for secure internet communication. It was determined that the website tested with SSLscan and Testssl uses the TLSv1.2 version, and three attack vulnerabilities were found out of the 18 attack analyses conducted. By testing the security algorithms, we can assess the average security level of the site. However, this outcome may vary depending on each site's security level.
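As an added example (not code from the paper, nor from sslscan or testssl), the following Python script reproduces the three checks that the Testssl section above reads off Fig. 6, SWEET32, LUCKY13 and LOGJAM, over a scanner-style cipher-suite list, and maps the result onto the green/red part of the sslscan colour legend quoted earlier. The IANA suite names, the DH group size and the sample server configuration are constructed assumptions.

```python
"""Added example (not from the paper, sslscan or testssl): re-implement the SWEET32,
LUCKY13 and LOGJAM checks on a scanner-style cipher list.  Suite names use IANA
naming as testssl prints them; the sample server at the bottom is constructed."""
import re
from typing import Dict, List, Optional

SWEET32_RE = re.compile(r"DES|IDEA")            # 64-bit block ciphers (3DES, DES, IDEA)
AEAD_RE = re.compile(r"GCM|CCM|CHACHA20")       # no CBC padding -> no LUCKY13
LEGACY = ("SSLv2", "SSLv3", "TLSv1.0", "TLSv1.1")

def suite_issues(suite: str, dh_bits: Optional[int] = None) -> List[str]:
    """Attack names one suite is exposed to; dh_bits is the server's FFDH group size."""
    s = suite.upper()
    issues = []
    if SWEET32_RE.search(s):            # birthday-bound block collisions
        issues.append("SWEET32")
    if "_CBC_" in s and not AEAD_RE.search(s):   # MAC-then-encrypt padding timing
        issues.append("LUCKY13")
    # LOGJAM: finite-field DHE with export-grade or <=1024-bit groups (heuristic).
    # "_DHE_"/"_DH_" deliberately excludes ECDHE, which is not affected.
    ffdh = "_DHE_" in s or "_DH_" in s
    if ffdh and ("EXPORT" in s or (dh_bits is not None and dh_bits <= 1024)):
        issues.append("LOGJAM")
    return issues

def audit(protocols: List[str], suites: List[str],
          dh_bits: Optional[int] = None) -> Dict[str, object]:
    """Summarise a scan: legacy protocols, vulnerable suites, sslscan-style colour."""
    found: Dict[str, List[str]] = {}
    for suite in suites:
        for issue in suite_issues(suite, dh_bits):
            found.setdefault(issue, []).append(suite)
    legacy = [p for p in protocols if p in LEGACY]
    # Red for any weakness, green otherwise; the certificate check behind
    # the legend's yellow case is outside this example.
    colour = "red" if (found or legacy) else "green"
    return {"colour": colour, "legacy_protocols": legacy, "vulnerabilities": found}

# Constructed sample: TLSv1.2 only, but CBC and 3DES suites plus a 1024-bit
# DH group, so all three findings from the paper's Fig. 6 are reproduced.
SAMPLE = {
    "protocols": ["TLSv1.2"],
    "suites": ["TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
               "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
               "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
               "TLS_RSA_WITH_3DES_EDE_CBC_SHA"],
    "dh_bits": 1024,
}
```

Running `audit(**SAMPLE)` yields a red verdict with the three findings, while a TLS 1.3/AEAD-only configuration with a 2048-bit group comes back green.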