Filters








3,227 Hits in 6.8 sec

(De-)Constructing TLS 1.3 [chapter]

Markulf Kohlweiss, Ueli Maurer, Cristina Onete, Björn Tackmann, Daniele Venturi
2015 Lecture Notes in Computer Science  
Our Contributions We prove the security of (a slightly modified version of) the ephemeral Diffie-Hellman handshake of TLS 1.3 with unilateral authentication, that is, where only the server has a certificate  ...  SSL/TLS is arguably one of the most widely-used cryptographic protocols securing today's Internet.  ...  TLS' design characteristics), rather than the weight of our contribution.  ... 
doi:10.1007/978-3-319-26617-6_5 fatcat:qy32ftanvrchllc74m72v7mkre

On the Security of TLS 1.3 and QUIC Against Weaknesses in PKCS#1 v1.5 Encryption

Tibor Jager, Jörg Schwenk, Juraj Somorovsky
2015 Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security - CCS '15  
The first attack (on TLS 1.3) requires a very fast "Bleichenbacheroracle" to create the TLS CertificateVerify message before the client drops the connection.  ...  Such an oracle may in practice be given by a TLS server, which responds with appropriate error messages, or allows in any other way to tell whether a given ciphertext has a "valid" padding or not (for  ...  certificate collection, the reviewers of USENIX Security 2015 for suggesting to analyze the applicability of our attacks to QUIC, and the reviewers of ACM CCS 2015 for their helpful comments.  ... 
doi:10.1145/2810103.2813657 dblp:conf/ccs/JagerSS15 fatcat:iiopfpxglzd5xhfwf7giozblze

SiegeBreaker: An SDN Based Practical Decoy Routing System

Piyush Kumar Sharma, Devashish Gosain, Himanshu Sagar, Chaitanya Kumar, Aneesh Dogra, Vinayak Naik, H.B. Acharya, Sambuddho Chakravarty
2020 Proceedings on Privacy Enhancing Technologies  
A further concern is that the Decoy Router has to inspect all flows in order to identify the ones that need DR.  ...  Our modular, lightweight design achieves performance comparable to direct TCP downloads, for both in-lab setups, and Internet based tests involving commercial SDN switches.  ...  Further, this research was in part supported by Persistent Systems Ltd., Pune, India.  ... 
doi:10.2478/popets-2020-0051 fatcat:ivyiogj5i5be3d5xem5j2qsnfu

Industrial control protocols in the Internet core: Dismantling operational practices

Marcin Nawrocki, Thomas C. Schmidt, Matthias Wählisch
2021 International Journal of Network Management  
We estimate an upper bound of the deployment status for ICS security protocols in the Internet core.  ...  We uncover mainly unprotected inter-domain ICS traffic and provide an in-depth view on Internet-wide ICS communication.  ...  In detail, our contributions are the following. 1.  ... 
doi:10.1002/nem.2158 fatcat:g7pudb5vgvb65blmwdcxfbfxne

The Era of TLS 1.3: Measuring Deployment and Use with Active and Passive Methods [article]

Ralph Holz and Johanna Amann and Abbas Razaghpanah and Narseo Vallina-Rodriguez
2019 arXiv   pre-print
Finally, we exploit data from a widely deployed measurement app in the Android ecosystem to analyze the use of TLS 1.3 in mobile networks and in mobile browsers.  ...  In this paper, we conduct the first study of TLS 1.3 deployment and use since its standardization by the IETF.  ...  We filter our results to investigate the contributions of cloud providers in the case of TLS 1.3-enabled domains in Table 5 .  ... 
arXiv:1907.12762v2 fatcat:pvri7x6emzfpzcvwujgjv3qu6a

A Practical Evaluation of a High-Security Energy-Efficient Gateway for IoT Fog Computing Applications

2017 Sensors  
Moreover, the most widespread Transport Layer Security (TLS) cipher suites use RSA as the main public key-exchange algorithm, but the key sizes needed are not practical for most IoT devices and cannot  ...  In this article, how to secure IoT gateway communications while minimizing power consumption is analyzed.  ...  Acknowledgments: This work has been funded by the Xunta de Galicia (ED431C 2016-045, ED341D R2016/012, ED431G/01), the Agencia Estatal de Investigación of Spain (TEC2013-47141-C4-1-R, TEC2015-69648-REDC  ... 
doi:10.3390/s17091978 pmid:28850104 pmcid:PMC5620735 fatcat:7rzbfdyggnbcxgcgi3kw3dabei

Reactive and Proactive Standardisation of TLS [chapter]

Kenneth G. Paterson, Thyla van der Merwe
2016 Lecture Notes in Computer Science  
In the development of TLS 1.3, the IETF TLS Working Group has adopted an "analysis-prior-to-deployment" design philosophy. This is in sharp contrast to all previous versions of the protocol.  ...  We explore the possible factors that have contributed to the shift in the TLS WG's design mindset, considering the protocol analysis tools available, the levels of academic involvement and the incentives  ...  Van der Merwe was supported by the EPSRC as part of the Centre for Doctoral Training in Cyber Security at Royal Holloway, University of London.  ... 
doi:10.1007/978-3-319-49100-4_7 fatcat:33ngau3bv5a5lb3purmdqqtmxe

A Practical Evaluation on RSA and ECC-Based Cipher Suites for IoT High-Security Energy-Efficient Fog and Mist Computing Devices

Manuel Suárez-Albela, Paula Fraga-Lamas, Tiago Fernández-Caramés
2018 Sensors  
The testbed makes use of Transport Layer Security (TLS) 1.2 Elliptic Curve Cryptography (ECC) and Rivest-Shamir-Adleman (RSA) cipher suites (that comply with the yet to come TLS 1.3 standard requirements  ...  To allow mist computing nodes to provide the previously mentioned benefits and guarantee the same level of security as in other architectures, end-to-end standard security mechanisms need to be implemented  ...  TLS standard (i.e., TLS 1.3) are selected.  ... 
doi:10.3390/s18113868 pmid:30423831 fatcat:t7kxdouuqrej5dqznxllqg22tu

Achieving Efficient and Provably Secure Steganography in Practice [article]

Aubrey Alston
2017 arXiv   pre-print
of efficient and secure steganographic systems in practice: (a) investigating the syntactic and semantic applicability of the current formalism of steganographic security to a broader range of potentially  ...  Beginning from the starting point of the initial definition of steganographic security, I have engaged in an exploration which has developed to include two primary tasks, both pointing towards the realization  ...  and (2) are universal steganographic constructions under this model the most valuable contribution in practice?  ... 
arXiv:1707.00074v1 fatcat:axztpaws25fe7jezakua6pd76u

Low-Power IoT Communication Security: On the Performance of DTLS and TLS 1.3

Gabriele Restuccia, Hannes Tschofenig, Emmanuel Baccelli
2020 2020 9th IFIP International Conference on Performance Evaluation and Modeling in Wireless Networks (PEMWN)   unpublished
Similarly to elsewhere on the Internet, practical security in the Internet of Things (IoT) is achieved by combining an array of mechanisms, at work at all layers of the protocol stack, in system software  ...  Recently, the TLS 1.3 standard was released and DTLS 1.3 is in the final stages of standardization.  ...  Recently, TLS 1.3 [17] was published, and DTLS 1.3 is in the final stages of standardization. A reasonable question is thus: How appropriate is TLS 1.3 for IoT?  ... 
doi:10.23919/pemwn50727.2020.9293085 fatcat:qpnvp7p26jdldgod2gzta4o6lu

Low-Power IoT Communication Security: On the Performance of DTLS and TLS 1.3 [article]

Gabriele Restuccia, Hannes Tschofenig, Emmanuel Baccelli
2020 arXiv   pre-print
Similarly to elsewhere on the Internet, practical security in the Internet of Things (IoT) is achieved by combining an array of mechanisms, at work at all layers of the protocol stack, in system software  ...  Recently, the TLS 1.3 standard was released and DTLS 1.3 is in the final stages of standardization.  ...  Recently, TLS 1.3 [17] was published, and DTLS 1.3 is in the final stages of standardization. A reasonable question is thus: How appropriate is TLS 1.3 for IoT?  ... 
arXiv:2011.12035v2 fatcat:vgyt4pnrjndjdnohasz3vjlvh4

DSTC: DNS-based Strict TLS Configurations [article]

Eman Salem Alashwali, Pawel Szalachowski
2018 arXiv   pre-print
This enables clients to consider prior knowledge about the servers' TLS configurations to enforce a fine-grained TLS configurations policy.  ...  That is, the client enforces strict TLS configurations for connections going to the advertising servers, while enforcing default configurations for the rest of the connections.  ...  The client interprets this record and changes its behaviour to the strict policy which affects the TLS version, ciphersuite, and the fallback mechanism.  ... 
arXiv:1809.05674v1 fatcat:qszgb3l4tndhje6oigr6tkkoly

miTLS: Verifying Protocol Implementations against Real-World Attacks

Karthikeyan Bhargavan, Cedric Fournet, Markulf Kohlweiss
2016 IEEE Security and Privacy  
Our main contribution to the standardization effort is a new version of miTLS that implements TLS 1.3, but also supports older versions for backwards compatibility.  ...  The former build in flexibility in specifications to allow for the competing interests of parties contributing to the development process.  ... 
doi:10.1109/msp.2016.123 fatcat:fisjry37bzexpdcl26l67e67p4

A survey and analysis of TLS interception mechanisms and motivations [article]

Xavier de Carné de Carnavalet, Paul C. van Oorschot
2020 arXiv   pre-print
This issue has resulted in some parties proposing various methods that "bypass" the confidentiality goals of TLS by playing with keys and certificates essentially in a man-in-the-middle solution, and leads  ...  To better understand the underlying motivation of such research proposals, we first review the use cases expecting plain HTTP traffic and discuss the extent to which TLS hinders these operations.  ...  The second author acknowledges funding from the Natural Sciences and Engineering Research Council of Canada (NSERC) for both his Canada Research Chair in Authentication and Computer Security, and a Discovery  ... 
arXiv:2010.16388v1 fatcat:vxup4szt6fg3zivje6ilh6p4gu

Multiple Handshakes Security of TLS 1.3 Candidates

Xinyu Li, Jing Xu, Zhenfeng Zhang, Dengguo Feng, Honggang Hu
2016 2016 IEEE Symposium on Security and Privacy (SP)  
Although each handshake mode is now well-understood in isolation, their composition in TLS 1.2 remains problematic, and yet it is critical to obtain practical security guarantees for TLS.  ...  The Transport Layer Security (TLS) protocol is by far the most widely deployed protocol for securing communications and the Internet Engineering Task Force (IETF) is currently developing TLS 1.3 as the  ...  Multi-Level&Stage Security of TLS 1.3 draft-10 Firstly, we define the session identifiers and contributive identifiers for the stages in different running modes as specified in TLS 1.3 draft-10 to be the  ... 
doi:10.1109/sp.2016.36 dblp:conf/sp/LiXZFH16 fatcat:zmdchlwumbc6zlk3piug4chwji
« Previous Showing results 1 — 15 out of 3,227 results