English
Related papers

Related papers: TLS hardening

200 papers

The paper reviews an implementation of an additional encrypted tunnel within TLS to further secure and authenticate the traffic of personal information between ProtonMail's frontends and the backend, implementing its key exchange, symmetric…

Cryptography and Security · Computer Science 2020-05-29 Aron Wussler

Cross-site scripting (XSS) is one of the major threats menacing the privacy of data and the navigation of trusted web applications. Since its reveal in late 1999 by Microsoft security engineers, several techniques have been developed in the…

Cryptography and Security · Computer Science 2024-04-24 Abdelhakim Hannousse , Salima Yahiouche , Mohamed Cherif Nait-Hamoud

We examine the security of a cloud storage service that makes very strong claims about the ``trustless'' nature of its security. We find that, although stored files are end-to-end encrypted, the encryption method allows for effective…

Cryptography and Security · Computer Science 2025-04-01 Vanessa Teague , Arash Mirzaei

Passwords are undoubtedly the most dominant user authentication mechanism on the web today. Although they are inexpensive and easy-to-use, security concerns of password-based authentication are serious. Phishing and theft of password…

Cryptography and Security · Computer Science 2018-04-24 Klaudia Krawiecka , Arseny Kurnikov , Andrew Paverd , Mohammad Mannan , N. Asokan

We define a problem of certifying computation integrity performed by some remote party we do not necessarily trust. We present a multi-party interactive protocol called SafeComp that solves this problem under specified constraints.…

Cryptography and Security · Computer Science 2020-05-25 Evgeny Shishkin , Evgeny Kislitsyn

Distributed Denial of Service (DDoS) attacks exhaust victim's bandwidth or services. Traditional architecture of Internet is vulnerable to DDoS attacks and an ongoing cycle of attack & defense is observed. In this paper, different types and…

Cryptography and Security · Computer Science 2014-03-24 Muhammad Aamir , Mustafa Ali Zaidi

The significance of the DDoS problem and the increased occurrence, sophistication and strength of attacks has led to the dawn of numerous prevention mechanisms. Each proposed prevention mechanism has some unique advantages and disadvantages…

Cryptography and Security · Computer Science 2012-08-20 B. B. Gupta , R. C. Joshi , Manoj Misra

TR-069 is a standard for the remote management of end-user devices by service providers. Despite being implemented in nearly a billion devices, almost no research has been published on the security and privacy aspects of TR-069. The first…

Networking and Internet Architecture · Computer Science 2020-01-09 Maximilian Hils , Rainer Böhme

This study aims to assess wireless network security holistically and attempts to determine the weakest link among the parts that comprise the 'secure' aspect of the wireless networks: security protocols, wireless technologies and user…

Cryptography and Security · Computer Science 2011-03-03 Berker Tasoluk , Zuhal Tanrikulu

Active measurements can be used to collect server characteristics on a large scale. This kind of metadata can help discovering hidden relations and commonalities among server deployments offering new possibilities to cluster and classify…

Networking and Internet Architecture · Computer Science 2023-08-31 Markus Sosnowski , Johannes Zirngibl , Patrick Sattler , Georg Carle , Claas Grohnfeldt , Michele Russo , Daniele Sgandurra

Domain name system communication may provide sensitive information on users' Internet activity. DNS-over-TLS and DNS-over-HTTPS are proposals aiming at increasing the privacy of Internet end users. In this paper we present an overview of…

Networking and Internet Architecture · Computer Science 2022-04-11 Kamil Jerabek , Ondrej Rysavy , Ivana Burgetova

HTTP/2 supersedes HTTP/1.1 to tackle the performance challenges of the modern Web. A highly anticipated feature is Server Push, enabling servers to send data without explicit client requests, thus potentially saving time. Although…

Networking and Internet Architecture · Computer Science 2018-10-15 Torsten Zimmermann , Benedikt Wolters , Oliver Hohlfeld , Klaus Wehrle

With the increasing adoption of smart contracts, ensuring their security has become a critical concern. Numerous vulnerabilities and attacks have been identified and exploited, resulting in significant financial losses. In response,…

Cryptography and Security · Computer Science 2024-08-13 Zhiyuan Wei , Jing Sun , Zijian Zhang , Xianhao Zhang , Xiaoxuan Yang , Liehuang Zhu

According to the Open Web Application Security Project (OWASP), Cross-Site Scripting (XSS) is a critical security vulnerability. Despite decades of research, XSS remains among the top 10 security vulnerabilities. Researchers have proposed…

Cryptography and Security · Computer Science 2025-05-01 Dennis Miczek , Divyesh Gabbireddy , Suman Saha

Now a days, a new family of web applications open applications, are emerging (e.g., Social Networking, News and Blogging). Generally, these open applications are non-confidential. The security needs of these applications are only…

Cryptography and Security · Computer Science 2013-06-10 Pankaj Choudhary , Rajendra Aaseri , Nirmal Roberts

The most common attacks against web sessions are reviewed in this paper, for example, some attacks against web browsers' honest users attempting to create session with trusted web browser application legally. We have assessed with four…

Software Engineering · Computer Science 2023-10-18 Md. Imtiaz Habib , Abdullah Al Maruf , Md. Jobair Ahmed Nabil

Recent web-based cyber attacks are evolving into a new form of attacks such as private information theft and DDoS attack exploiting JavaScript within a web page. These attacks can be made just by accessing a web site without distribution of…

Cryptography and Security · Computer Science 2015-02-16 JongHun Jung , Hwan-Kuk Kim , Soojin Yoon

Vulnerability Discovery with attack Injection security threats are increasing for the server software, when software is developed, the software tested for the functionality. Due to unawareness of software vulnerabilities most of the…

Networking and Internet Architecture · Computer Science 2014-02-12 G. Vijay Kumar , Ravikumar S. Raykundaliya , Dr. P. Naga Prasad

Today's Internet utilizes a multitude of different protocols. While some of these protocols were first implemented and used and later documented, other were first specified and then implemented. Regardless of how protocols came to be, their…

Cryptography and Security · Computer Science 2016-10-19 Tobias Fiebig , Franziska Lichtblau , Florian Streibelt , Thorben Krueger , Pieter Lexis , Randy Bush , Anja Feldmann

The critical role that Network Time Protocol (NTP) plays in the Internet led to multiple efforts to secure it against time-shifting attacks. A recent proposal for enhancing the security of NTP with Chronos against on-path attackers seems…

Cryptography and Security · Computer Science 2020-10-19 Philipp Jeitner , Haya Shulman , Michael Waidner