At the recent ACSAC 2024 (Annual Computer Security Applications Conference), the TLS-Attacker security framework won second place in the prestigious Artifacts Competition and Impact Award. The international competition recognizes software artifacts with high scientific and industrial relevance.
TLS-Attacker is an open source framework for analyzing and evaluating security protocols, in particular the Transport Layer Security (TLS) protocol, which plays an essential role in secure communication on the Internet. The tool has been developed for over ten years by the Paderborn Univsersity, Ruhr University Bochum, the Technology Innovation Institute Abu Dhabi and Hackmanit GmbH. Among them are Nico Heitmann and Sven Hebrok from the NERD Graduate School. The tool is used internationally to uncover vulnerabilities in encryption protocols. These include major protocol vulnerabilities such as Raccoon and ALPACA as well as various implementation errors, including padding oracles, which have affected numerous TLS libraries.
ACSAC is one of the leading conferences in the field of IT security. The Artifacts Competition and Impact Award annually recognizes software frameworks and tools that enable significant advances in research and practice. Invited projects undergo a rigorous assessment by experts from academia and industry.
The joy of receiving the award is correspondingly great. “From my point of view, this is the most important award I have received in my career. It is an incredible recognition for our years of work and the impact that the TLS Attacker has had in research and industry,” explains Prof. Dr.-Ing. Juraj Somorovsky, one of the leading minds behind the development of the framework.