TLS Inspector test suites for professional certification support

TLS Inspector

achelos test suites secure your network

achelos offers test tools to test your products and solutions and services, independent of the manufacturer, for security and conformity in a manufacturer-independent approach. With our TLS test suites, you can find loopholes and errors in the implementation and configuration of your network connections and as well as in the operation of your web services and systematically secure them. The test objectives are to test the complete structure of the TLS connection, all the way up to mutual authentication and reaction to incorrect behaviour, such as:

  • missing or wrong parts of communication
  • incorrect key material
  • incorrect certificates
  • unsuitable cipher suites
  • incorrect reaction to manipulations

The TLS test suites from achelos can be used flexibly, all the way up to automated test runs. Extremely efficient test management and various simulation environments are available for this purpose. Implementation of the security protocols is investigated in detail and results are logged for future reference.

Protocols guarantee authenticity, integrity and confidentiality

The catalogue of test cases is continuously extended and is based on requirements from the following sources:

  • Functional specifications
  • Technical guidelines (TR) from the BSI
  • Certifications
  • Cryptographic standards
  • Application notes on Common Criteria certification
  • Evaluation standards
  • Penetration tests
  • Documentation requirements in line with Common Criteria

 



Get started right away – cyber security is achievable

Use the manufacturer-independent test suites from achelos, developed together with an accredited test center, to secure your TLS network connections. Thanks to flexible architecture and implementation, the test suites from achelos can be used immediately, regardless of the products involved.

To protect themselves from cyber attacks achelos supports:

  • Network component manufacturers
  • Evaluators and certification bodies
  • System Operators
  • Company IT departments
  • Government bodies

Automated test procedure for professionals

A large number of test and evaluation bodies are already using the Qumate test suites from achelos to perform tests within the framework of accredited test procedures.

The architecture and implementation of the test suites has a modular structure. Various test suites, tools and simulations can be integrated on the basis of the Qumate by achelos. Automated tests and detailed test reports are used to measure product quality. All you need is a powerful PC without any special IT infrastructure or a complex laboratory environment.

Architecture of the TLS test environment

Benefits when using TLS Inspector test suites

Benefits when using TLS Inspector test suites

  • Easy verification of websites according to BSI guidelines
  • Prevention of IT configuration errors
  • Compliant with security guidelines of the Federal Office for Information Security (BSI)
  • Cost saving thanks to faster certification
  • Efficient testing thanks to high degree of automation
  • Convenient simulation environment and excellent ease-of-use
  • Scope and depth of testing, as well as attack scenarios can be individually selected
  • Reproducible and audit-compliant documentation of test results
  • Manufacturer-independent test environment
  • Developed in cooperation with an accredited test centre

Our test suites include the following:

  • The expert knowledge of our BSI-trained employees
  • Continuous further development of the Qumate platform since 2009
  • The practical experience of the established Qumate by achelos Testcenter in the field of critical infrastructures
  • A high degree of automation: fast, flexible and with verifiable results
achelos test environment – test coverage

Checks the TLS configuration

  • Protocol version (no SSL 3.0, TLS 1.0, …)
  • Cipher suite (no EXPORT cipher suites, no weak encryption algorithms, …)
  • Cryptographic parameters (RSA key length ≥ 2048 Bit, …)
  • Protocol extensions (TLS compression, heartbeat, …)

Tests for correct implementation

  • Robust protocol implementation (manipulation of the message sequence, …)
  • Correct checking of the padding (adding invalid padding values)
  • Constant-time implementation (for example Lucky Thirteen attacks)
Product versions

The test suites are available individually with the following testing tools:

  • TLS Client Inspector
  • TLS Server Inspector
  • TLS Checklist Inspector

optional:

  • Simulation environment
  • Software Development Kit (SDK)

Heinfried Cznottka

Director Security Solutions

Email:

Phone:
+49 5251 14212-327