Lost in TLS? No more!

Transport Layer Security (TLS) is a suite of cryptographic protocols designed to provide confidentiality, integrity and authentication to the parties communicating via an unsecure channel. With four existing versions and a wide set of customizable elements (e.g., available cipher suites, extensions, certificates), its deployment requires a non-trivial amount of technical knowledge whose lack results in a time-consuming task.

Our focus: help administrators in deploying secure TLS instances.

Related Tools

Related Publications

  • Matteo Rizzi, Salvatore Manfredi, Giada Sciarretta and Silvio Ranise
    Demo: TLSAssistant v2 - A Modular and Extensible Framework for Securing TLS
    In: Proceedings of the 27th ACM Symposium on Access Control Models and Technologies (SACMAT 2022) (DOI, news)
  • Matteo Rizzi, Salvatore Manfredi, Giada Sciarretta and Silvio Ranise
    A Modular and Extensible Framework for Securing TLS
    In: Proceedings of the Twelveth ACM Conference on Data and Application Security and Privacy (CODASPY 2022) (DOI, news)
  • Salvatore Manfredi, Mariano Ceccato, Giada Sciarretta, and Silvio Ranise
    Do Security Reports Meet Usability? - Lessons Learned from Using Actionable Mitigations for Patching TLS Misconfigurations
    In: The 16th International Conference on Availability, Reliability and Security (ARES 2021) (ETACS 2021) (DOI, complementary material, news)
  • Salvatore Manfredi, Silvio Ranise, Giada Sciarretta and Alessandro Tomasi
    TLSAssistant goes FINSEC: A Security Platform Integration Extending Threat Intelligence Language
    In: 1st International Workshop on Cyber-Physical Security for Critical Infrastructures Protection (CPS4CIP 2020)
  • Salvatore Manfredi, Silvio Ranise and Giada Sciarretta
    Lost in TLS? No More! Assisted Deployment of Secure TLS Configurations
    In: Proceedings of the 33rd Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy (DBSec 2019), vol. 11559, pp. 201-220 (DOI, news)

Related Theses

  • Federico Cucino (Bachelor's Thesis, University of Trento, 2022)
    Miglioramento delle capacità di analisi di TLSAssistant - Automatizzazione delle mitigazioni per NGINX
    Supervisor: Silvio Ranise | Co-supervisors: Salvatore Manfredi, Giada Sciarretta
  • Ivan Valentini (Bachelor's Thesis, University of Trento, 2022)
    Estensione delle capacità di analisi di TLSAssistant - Rilevazione e mitigazione di ALPACA, POODLE e Raccoon
    Supervisor: Silvio Ranise | Co-supervisors: Salvatore Manfredi, Giada Sciarretta
  • Matteo Rizzi (Bachelor's Thesis, University of Trento, 2021)
    TLS Analyzers for Android Apps: State-of-the-art Analysis and Integration in TLSAssistant
    Supervisor: Silvio Ranise | Co-supervisors: Giada Sciarretta, Salvatore Manfredi
    Awards: 3rd place at thesis award "Innovare la sicurezza delle informazioni 2021", sponsored by CLUSIT
  • Salvatore Manfredi (Master's Thesis, University of Trento, 2019)
    Assisting users in securing TLS configurations
    Supervisor: Silvio Ranise | Co-supervisor: Giada Sciarretta