The project “Transport Layer Security in Practice (TLSiP)” deals with methods to recognize unsafe cryptographic processes in Internet services and should provide Internet users with a transparent solution for secure Internet communication. In our society, the Internet has established itself as an important communication tool and the secure transfer of data has become indispensable in many areas such as daily communication, online trading or -banking. Thereby, Transport Layer Security (TLS) has been accepted as the default protocol. The availability of tools and studies to improve the usage of TLS is therefore important and of increasing significance for society as well as industry and commerce.
The practical usage of TLS faces two important challenges: The first challenge addresses the faulty configuration of TLS, which significantly damages the security of Internet services, whereas the second challenge concerns the trustworthiness of certificate authorities. Therefore the first project phase continually analyses the worldwide usage of TLS protocols by Internet services in an automated fashion regarding the application of unsafe cryptographic procedures. Especially communication services like e-mail or XMPP will be investigated w.r.t. possible security deficiencies. The research goal is thereby to gain an Internet-wide insight into the used encryption procedures and certificates. Whilst the first project phase delivers important results regarding the security of Internet users, the second project phase focuses on methods to improve the security of Internet users. The goal is to draft a “privacy proxy” which can facilitate a secure data transfer to Internet services, independent from the type of device used. A multitude of Internet services allows for insecure as well as secure communication, the privacy proxy should therefore automatically change all unencrypted connections into encrypted ones. The second challenge to be solved by the privacy proxy is the identification of damaging and invalid certificates. Thereby the research focus lies on a new procedure which verifies certificates with the help of notary authorities. In order to achieve these ambitious goals, a project focusing on applied basic research is of great importance.