English
Related papers

Related papers: TLS hardening

200 papers

TLS uses X.509 certificates for server authentication. A X.509 certificate is a complex document and various innocent errors may occur while creating/ using it. Also, many certificates belong to malicious websites and should be rejected by…

Cryptography and Security · Computer Science 2017-05-26 Sankalp Bagaria , R. Balaji , B. S. Bindhumadhava

Most TLS clients such as modern web browsers enforce coarse-grained TLS security configurations. They support legacy versions of the protocol that have known design weaknesses, and weak ciphersuites that provide fewer security guarantees…

Cryptography and Security · Computer Science 2018-09-18 Eman Salem Alashwali , Pawel Szalachowski

As of today, TLS is the most commonly used protocol to protect communication content. To provide good security, it is of central importance, that administrators know how to configure their services correctly. For this purpose, services…

Human-Computer Interaction · Computer Science 2018-09-25 Christian Tiefenau , Emanuel von Zezschwitz

Transport Layer Security (TLS) is the base for many Internet applications and services to achieve end-to-end security. In this paper, we provide guidance on how to measure TLS deployments, including X.509 certificates and Web PKI. We…

Networking and Internet Architecture · Computer Science 2024-02-01 Pouyan Fotouhi Tehrani , Eric Osterweil , Thomas C. Schmidt , Matthias Wählisch

TLS is an end-to-end protocol designed to provide confidentiality and integrity guarantees that improve end-user security and privacy. While TLS helps defend against pervasive surveillance of intercepted unencrypted traffic, it also hinders…

Cryptography and Security · Computer Science 2023-01-26 Xavier de Carné de Carnavalet , Paul C. van Oorschot

In webpage fingerprinting, an on-path adversary infers the specific webpage loaded by a victim user by analysing the patterns in the encrypted TLS traffic exchanged between the user's browser and the website's servers. This work studies…

Cryptography and Security · Computer Science 2023-10-30 Vasilios Mavroudis , Jamie Hayes

The majority of electronic communication today happens either via email or chat. Thanks to the use of standardised protocols electronic mail (SMTP, IMAP, POP3) and instant chat (XMPP, IRC) servers can be deployed in a decentralised but…

Cryptography and Security · Computer Science 2016-01-26 Ralph Holz , Johanna Amann , Olivier Mehani , Matthias Wachs , Mohamed Ali Kaafar

Transport Layer Security (TLS) protocol is a cryptographic protocol designed to secure communication over the internet. The TLS protocol has become a fundamental in secure communication, most commonly used for securing web browsing…

Cryptography and Security · Computer Science 2024-09-30 Maciej Kalka , Marek Kirejczyk

The Internet delivered in excess of forty terabytes per second in 2017 (Cisco, 2018), and over half of today's Internet traffic is encrypted (Sandvine, 2018); enabling trade worth trillions of dollars (Statista, 2017). Yet, the underlying…

Cryptography and Security · Computer Science 2020-10-02 Ben Smyth

HTTPS is quickly rising alongside the need of Internet users to benefit from security and privacy when accessing the Web, and it becomes the predominant application protocol on the Internet. This migration towards a secure Web using HTTPS…

Cryptography and Security · Computer Science 2020-08-20 Wazen M. Shbair , Thibault Cholez , Jerome Francois , Isabelle Chrisment

The paper presents an analysis of the main mechanisms of decryption of SSL/TLS traffic. Methods and technologies for detecting malicious activity in encrypted traffic that are used by leading companies are also considered. Also, the…

Cryptography and Security · Computer Science 2019-04-18 Tamara Radivilova , Lyudmyla Kirichenko , Dmytro Ageyev , Maxim Tawalbeh , Vitalii Bulakh

A number of important real-world protocols including the Transport Layer Security (TLS) protocol have the ability to negotiate various security-related choices such as the protocol version and the cryptographic algorithms to be used in a…

Cryptography and Security · Computer Science 2019-01-29 Eman Salem Alashwali , Kasper Rasmussen

With the development of e-commerce, ssl protocol is more and more widely applied to various network services. It is one of key technologies to keep user's data in secure transmission via internet. This document majorly focuses on "SSLStrip"…

Cryptography and Security · Computer Science 2012-09-18 Fenil Kavathia , Ajay Modi

Internet browsers use security protocols to protect sensitive messages. An inductive analysis of TLS (a descendant of SSL 3.0) has been performed using the theorem prover Isabelle. Proofs are based on higher-order logic and make no…

Cryptography and Security · Computer Science 2019-07-18 Lawrence C. Paulson

Secure communication is an integral feature of many Internet services. The widely deployed TLS protects reliable transport protocols. DTLS extends TLS security services to protocols relying on plain UDP packet transport, such as VoIP or IoT…

Networking and Internet Architecture · Computer Science 2019-04-26 Sebastian Gallenmüller , Dominik Schöffmann , Dominik Scholz , Fabien Geyer , Georg Carle

Most modern web browsers today sacrifice optimal TLS security for backward compatibility. They apply coarse-grained TLS configurations that support (by default) legacy versions of the protocol that have known design weaknesses, and weak…

Cryptography and Security · Computer Science 2018-09-18 Eman Salem Alashwali , Kasper Rasmussen

Testing of network services represents one of the biggest challenges in cyber security. Because new vulnerabilities are detected on a regular basis, more research is needed. These faults have their roots in the software development cycle or…

Cryptography and Security · Computer Science 2018-03-29 Josip Bozic , Lina Marsso , Radu Mateescu , Franz Wotawa

Network traffic inspection, including TLS traffic, in enterprise environments is widely practiced. Reasons for doing so are primarily related to improving enterprise security (e.g., malware detection) and meeting legal requirements. To…

Cryptography and Security · Computer Science 2018-09-25 Louis Waked , Mohammad Mannan , Amr Youssef

The current implementation of TLS involves your browser displaying a padlock, and a green bar, after successfully verifying the digital signature on the TLS certificate. Proposed is a solution where your browser's response to successful…

Cryptography and Security · Computer Science 2018-04-13 Joseph Kilcullen

TLS is the most widely used cryptographic protocol on the Internet. While many recent studies focused on its use in HTTPS, none so far analyzed TLS usage in e-mail related protocols, which often carry highly sensitive information. Since…

Cryptography and Security · Computer Science 2015-11-03 Wilfried Mayer , Aaron Zauner , Martin Schmiedecker , Markus Huber
‹ Prev 1 2 3 10 Next ›