KoTeBi: Combinatorial testing of TLS libraries at all levels
Overview
The Transport Layer Security (TLS) protocol is one of the most important security standards on computers and smartphones today. It secures communication over the internet, for example when streaming videos. However, human errors in the implementation of TLS and other encryption protocols repeatedly lead to security gaps. These gaps are becoming increasingly challenging because they result from complex combinations of different protocol versions and their sub-steps. This complex interaction is extremely difficult to anticipate during software development. Comprehensive security tests can provide a remedy, provided they take this complexity sufficiently into account.
The goal of the project is to identify and avoid vulnerabilities and compatibility problems during programming. To achieve this, the researchers will develop a system that enables end-to-end testing of program libraries that implement specific protocols. To this end, the project participants are researching methods for the automated detection of security vulnerabilities that result, in particular, from the combination of protocol versions and their sub-steps. The aim is to enable software developers to test their own implementations with the tool so that security is already ensured during the development process.