SADT: Syntax-Aware Differential Testing of Certificate Validation in SSL/TLS Implementations

Lili Quan, Qianyu Guo, Hongxu Chen, Xiaofei Xie, Xiaohong Li, Yang Liu, Jing Hu

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

The security assurance of SSL/TLS critically depends on the correct validation of X.509 certificates. Therefore, it is important to check whether a certificate is correctly validated by the SSL/TLS implementations. Although differential testing has been proven to be effective in finding semantic bugs, it still suffers from the following limitations: (1) The syntax of test cases cannot be correctly guaranteed. (2) Current test cases are not diverse enough to cover more implementation behaviours. This paper tackles these problems by introducing SADT, a novel syntax-aware differential testing framework for evaluating the certificate validation process in SSL/TLS implementations. We first propose a tree-based mutation strategy to ensure that the generated certificates are syntactically correct, and then diversify the certificates by sharing interesting test cases among all target SSL/TLS implementations. Such generated certificates are more likely to trigger discrepancies among SSL/TLS implementations, which may indicate some potential bugs. To evaluate the effectiveness of our approach, we applied SADT on testing 6 widely used SSL/TLS implementations, compared with the state-of-the-art fuzzing technique (i.e., AFL) and two differential testing techniques (i.e., NEZHA and RFCcert). The results show that SADT outperforms other techniques in generating discrepancies. In total, 64 unique discrepancies were discovered by SADT, and 13 of them have been confirmed as bugs or fixed by the developers.

Original language: English
Title of host publication: Proceedings - 2020 35th IEEE/ACM International Conference on Automated Software Engineering, ASE 2020
Publisher: Institute of Electrical and Electronics Engineers Inc.
Pages: 524-535
Number of pages: 12
ISBN (Electronic): 9781450367684
Publication status: Published - Sep 2020
Externally published: Yes
Event: 35th IEEE/ACM International Conference on Automated Software Engineering, ASE 2020 - Virtual, Melbourne, Australia
Duration: Sep 22 2020 to Sep 25 2020

Publication series

Name: Proceedings - 2020 35th IEEE/ACM International Conference on Automated Software Engineering, ASE 2020

Conference

Conference: 35th IEEE/ACM International Conference on Automated Software Engineering, ASE 2020
Country/Territory: Australia
City: Virtual, Melbourne
Period: 9/22/20 to 9/25/20

All Science Journal Classification (ASJC) codes

  • Artificial Intelligence
  • Software
  • Safety, Risk, Reliability and Quality
