English
Related papers

Related papers: TLS hardening

200 papers

It is notoriously difficult to securely configure HTTPS, and poor server configurations have contributed to several attacks including the FREAK, Logjam, and POODLE attacks. In this work, we empirically evaluate the TLS security posture of…

Cryptography and Security · Computer Science 2021-11-02 Camelia Simoiu , Wilson Nguyen , Zakir Durumeric

In many web applications, such as Content Delivery Networks (CDNs), TLS credentials are shared, e.g., between the website's TLS origin server and the CDN's edge servers, which can be distributed around the globe. To enhance the security and…

Cryptography and Security · Computer Science 2025-06-17 Behnam Shobiri , Sajjad Pourali , Daniel Migault , Ioana Boureanu , Stere Preda , Mohammad Mannan , Amr Youssef

Web-fraud is one of the most unpleasant features of today's Internet. Two well-known examples of fraudulent activities on the web are phishing and typosquatting. Their effects range from relatively benign (such as unwanted ads) to downright…

Cryptography and Security · Computer Science 2015-03-13 Mishari Al Mishari , Emiliano De Cristofaro , Karim El Defrawy , Gene Tsudik

Protecting users' privacy over the Internet is of great importance; however, it becomes harder and harder to maintain due to the increasing complexity of network protocols and components. Therefore, investigating and understanding how data…

Networking and Internet Architecture · Computer Science 2021-09-14 Mahdi Jafari Siavoshani , Amir Hossein Khajepour , Amirmohammad Ziaei , Amir Ali Gatmiri , Ali Taheri

Encrypted traffic poses new and unique challenges for network operators because information that is useful or necessary for management purposes is not accessible anymore. This paper examines proposed approaches to provide end-to-end…

Networking and Internet Architecture · Computer Science 2018-12-18 Pedro A. Aranda Gutiérrez , Diego López , Thomas Fossati

Default configuration of various software applications often neglects security objectives. We tested the default configuration of TLS in dozen web and application servers. The results show that "secure by default" principle should be…

Cryptography and Security · Computer Science 2017-08-28 Martin Stanek

The SSH protocol was designed in the late nineties to cope with the security problems of the telnetf family of protocols. It brought authentication and confidentiality to remote access protocols and is now widely used. Almost 30 years after…

Networking and Internet Architecture · Computer Science 2023-12-15 François Michel , Olivier Bonaventure

Web attacks, i.e. attacks exclusively using the HTTP protocol, are rapidly becoming one of the fundamental threats for information systems connected to the Internet. When the attacks suffered by web servers through the years are analyzed,…

Cryptography and Security · Computer Science 2007-05-23 Gonzalo Alvarez , Slobodan Petrovic

Malicious domains are part of the landscape of the internet but are becoming more prevalent and more dangerous to both companies and individuals. They can be hosted on variety of technologies and serve an array of content, ranging from…

Cryptography and Security · Computer Science 2024-10-08 Amanda Thomson , Leandros Maglaras , Naghmeh Moradpoor

The use of secure connections using HTTPS as the default means, or even the only means, to connect to web servers is increasing. It is being pushed from both sides: from the bottom up by client distributions and plugins, and from the top…

Networking and Internet Architecture · Computer Science 2017-06-12 George Michaelson , Matthew Roughan , Jonathan Tuke , Matt P. Wand , Randy Bush

The Transport Layer Security (TLS) protocol and its public-key infrastructure (PKI) are widely used in the Internet to achieve secure communication. Validating domain ownership by trusted certification authorities (CAs) is a critical step…

Cryptography and Security · Computer Science 2020-03-31 Pawel Szalachowski

The security of cryptographic communication protocols that use X.509 certificates depends on the correctness of those certificates. This paper proposes a system that helps to ensure the correct operation of an X.509 certification authority…

Cryptography and Security · Computer Science 2020-04-16 Holger Kinkelin , Richard von Seck , Christoph Rudolf , Georg Carle

Flawed TLS certificates are not uncommon on the Internet. While they signal a potential issue, in most cases they have benign causes (e.g., misconfiguration or even deliberate deployment). This adds fuzziness to the decision on whether to…

Cryptography and Security · Computer Science 2022-07-26 Martin Ukrop , Lydia Kraus , Vashek Matyas

Hypertext Transfer Protocol Secure (HTTPS) protocol has become an integral part of modern Internet technology. Currently, it is the primary protocol for commercialized web applications. It can provide a fast, secure connection with a…

Cryptography and Security · Computer Science 2022-09-28 Gordon King , Hans Wang

TLS stripping attacks expose sensitive web traffic by forcing secure HTTPS connections to fall back to unencrypted HTTP. At present, protection against these attacks relies on website operators explicitly opting into security by deploying…

Cryptography and Security · Computer Science 2026-05-29 Aaron van Diepen , Adrian Zapletal , Fernando Kuipers

End users of remote computing systems are frequently not aware of basic ways in which they could enhance protection against cyber-threats and attacks. In this paper, we discuss specific techniques to help and train users to improve…

Cryptography and Security · Computer Science 2023-12-04 Marcelo Ponce , Ramses van Zon

Recently, many organizations have been installing middleboxes in their networks in large numbers to provide various services to their customers. Although middleboxes have the advantage of not being dependent on specific hardware and being…

Cryptography and Security · Computer Science 2023-09-29 Taehyun Ahn , Jiwon Kwak , Seungjoo Kim

The adoption of security protocols such as Transport Layer Security (TLS) has significantly improved the state of traffic encryption and integrity protection on the Internet. Despite rigorous analysis, vulnerabilities continue to emerge,…

Cryptography and Security · Computer Science 2025-01-30 Mariam Moustafa , Mohit Sethi , Tuomas Aura

TLS can resume previous connections via abbreviated resumption handshakes that significantly decrease the delay and save expensive cryptographic operations. For that, cryptographic TLS state from previous connections is reused. TLS version…

Cryptography and Security · Computer Science 2019-02-08 Erik Sy , Moritz Moennich , Tobias Mueller , Hannes Federrath , Mathias Fischer

Secure coding is a critical yet often overlooked practice in software development. Despite extensive awareness efforts, real-world adoption remains inconsistent due to organizational, educational, and technical barriers. This paper provides…

Software Engineering · Computer Science 2025-10-02 Kiana Kiashemshaki , Mohammad Jalili Torkamani , Negin Mahmoudi