Security concerns at transport layer
Confidentiality is a combination of rules that limits access to information; availability is a guarantee of reliability of access to information by authorized persons and integrity is the assurance of the information being trustworthy. A violation of any or both of the above elements rises insecurity concern. This paper looks at security issues in the transport layer of TCP/IP.
Attacks on Transport Layer Security (TLS)
i. Secure Socket Layer Stripping - this is an attempt by an attacker to remove the use of Secure Socket Layer by adjusting unencrypted protocols that necessitate the use of TLS i.e. modifying HTTP traffic and HTML pages as they pass on the wire.
ii. STARTTLS Command Injection Attack- this is an attack on the transition between unprotected TLS and protected traffic. Here the attacker makes use of flaws present in a software application to obtain plaintext during data transmission. They do this by injection of commands that ensures that input buffer retains commands that were supplied hence accessing the data (G., 2016).
iii. Beast - this attack uses issues with TLS implementation of Cipher Block Chaining to decrypt parts of a packet HTTP in particular.
iv. Padding Oracle Attacks - this attack uses the thirteen lucky attack that is timing side-channel attack. It allows the attacker to decrypt random cipher text.
v. RC4 Attacks - attacker uses exploitability of RC4 to attack security level for TLS sessions (Davies, 2011).
Use of HTTP Strict Transport Security (HSTS) in the case of SSL attack.
Time attack can be secured by disabling TLS compression.
Use of Strong security keys-the private key employed to generate the cipher key ought to be adequately secure for the predicted lifetime of the private key and matching certificate
Use of certificates that support specific domain name - a user should not be presented with a certificate error that stimulates to reconcile hostname or domain misalignment.