An Approach to Implement Cryptographic Protocol Version Downgrade Within a Secure Internal Network: TLS 1.x to SSL

An Approach to Implement Cryptographic Protocol Version Downgrade Within a Secure Internal Network: TLS 1.x to SSL

SSL

TLS

POODLE

Vulnerabilities

protocol versions upgrade

The end to end encryption of connections over the internet have evolved from SSL to TLS 1.3 over the years. Attacks have exposed vulnerabilities on each upgraded version of the cryptographic protocols used to secure connections over the internet. Organisations have to keep updating their web based applications to use the latest cryptographic protocol to ensure users are protected and feel comfortable using their web applications. But, the problem is that, web applications are not always standalone systems, there is usually a maze of systems that are integrated to provide services to the end user. The interactions between these systems happens within the controlled internal private network environment of the organisation. While only the front ending web application is visible to the end user. It is not often feasible to upgrade all internal systems to use the latest cryptographic protocol for internal interfaces/integration due to prohibitive cost of redevelopment and upgrades to infra and systems. Here we define an algorithm to setup internal & external firewalls to downgrade to a lower version of the cryptographic protocol (SSL) within the internal network for the integration/interfacing connections of internal systems while mandating the latest cryptographic protocol (TLS 1.x) for end user connections to the web application.

S, Ganeshkumar

Govindaraju, Elango

International Journal of Interactive Mobile Technologies (iJIM); Vol. 13 No. 10 (2019); pp. 179-187

1865-7923

International Association of Online Engineering (IAOE), Vienna, Austria

2019-09-25

Copyright (c) 2019 Ganeshkumar S, Elango Govindaraju

application/pdf

eng

info:eu-repo/semantics/article

info:eu-repo/semantics/publishedVersion

Non-refereed Article