skip to main content
10.1145/3603269.3610858acmconferencesArticle/Chapter ViewAbstractPublication PagescommConference Proceedingsconference-collections
poster

Poster: Q-Scanner: A Fast Scanning Tool for Large-Scale SSL/TLS Configurations Measurement

Published: 01 September 2023 Publication History

Abstract

Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols are used to encrypt data, protect privacy, and authenticate. However, the security of SSL/TLS itself depends on its configurations. While some scanning tools are used to measure SSL/TLS configurations, their performance is far from meeting the requirement of large-scale measurements. In this paper, we propose a fast SSL/TLS configuration scanning tool, Q-Scanner, which can generate a lightweight scanning solution based on the characteristics of the configurations to be scanned. The experiment shows Q-Scanner achieves a speedup of over 30,000 times compared to SSL Pulse without loss of accuracy.

References

[1]
Alban Diquet. 2023. Fast and powerful SSL/TLS scanning library. https://github.com/nabla-c0d3/sslyze.
[2]
Thai Duong and Juliano Rizzo. 2011. Here come the ⊕ ninjas. Unpublished manuscript (2011).
[3]
Zakir Durumeric, David Adrian, Ariana Mirian, Michael Bailey, and J Alex Halderman. 2015. A search engine backed by Internet-wide scanning. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. 542--553.
[4]
Bodo Möller, Thai Duong, and Krzysztof Kotowicz. 2014. This POODLE bites: exploiting the SSL 3.0 fallback. Security Advisory 21 (2014), 34--58.
[5]
Inc Qualys. 2023. Qualys SSL Labs - SSL Pulse. https://www.ssllabs.com/ssl-pulse/.
[6]
rbsec. 2023. sslscan tests SSL/TLS enabled services to discover supported cipher suites. https://github.com/rbsec/sslscan.
[7]
Inc TrustAsia. 2023. MySSL. https://myssl.com/.
[8]
Dirk Wetter. 2023. Testing TLS/SSL encryption anywhere on any port. https://github.com/drwetter/testssl.sh.

Index Terms

  1. Poster: Q-Scanner: A Fast Scanning Tool for Large-Scale SSL/TLS Configurations Measurement

      Recommendations

      Comments

      Information & Contributors

      Information

      Published In

      cover image ACM Conferences
      ACM SIGCOMM '23: Proceedings of the ACM SIGCOMM 2023 Conference
      September 2023
      1217 pages
      ISBN:9798400702365
      DOI:10.1145/3603269
      Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the owner/author(s).

      Sponsors

      Publisher

      Association for Computing Machinery

      New York, NY, United States

      Publication History

      Published: 01 September 2023

      Check for updates

      Author Tags

      1. SSL
      2. TLS
      3. configurations
      4. efficient scan

      Qualifiers

      • Poster

      Funding Sources

      • the National Key R&D Program of China

      Conference

      ACM SIGCOMM '23
      Sponsor:
      ACM SIGCOMM '23: ACM SIGCOMM 2023 Conference
      September 10, 2023
      NY, New York, USA

      Acceptance Rates

      Overall Acceptance Rate 462 of 3,389 submissions, 14%

      Contributors

      Other Metrics

      Bibliometrics & Citations

      Bibliometrics

      Article Metrics

      • 0
        Total Citations
      • 186
        Total Downloads
      • Downloads (Last 12 months)77
      • Downloads (Last 6 weeks)2
      Reflects downloads up to 17 Feb 2025

      Other Metrics

      Citations

      View Options

      Login options

      View options

      PDF

      View or Download as a PDF file.

      PDF

      eReader

      View online with eReader.

      eReader

      Figures

      Tables

      Media

      Share

      Share

      Share this Publication link

      Share on social media