A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf
.
Measuring the Security Harm of TLS Crypto Shortcuts
2016
Proceedings of the 2016 ACM on Internet Measurement Conference - IMC '16
TLS has the potential to provide strong protection against network-based attackers and mass surveillance, but many implementations take security shortcuts in order to reduce the costs of cryptographic computations and network round trips. We report the results of a nine-week study that measures the use and security impact of these shortcuts for HTTPS sites among Alexa Top Million domains. We find widespread deployment of DHE and ECDHE private value reuse, TLS session resumption, and TLS session
doi:10.1145/2987443.2987480
fatcat:jkb4mnlduje2pabgcifk5soqjq