English
Related papers

Related papers: Enhanced Performance for the encrypted Web through…

200 papers

Post-quantum migration in TLS 1.3 couples signature-algorithm choice with certificate-hierarchy structure, chain exposure during the handshake, and role-dependent cryptographic cost. In certificate-based authentication, the practical effect…

Cryptography and Security · Computer Science 2026-05-21 José Luis Delgado Jiménez

Internet traffic is increasingly encrypted. While this protects the confidentiality and integrity of communication, it prevents network monitoring systems (NMS) and intrusion detection systems (IDSs) from effectively analyzing the now…

Cryptography and Security · Computer Science 2021-04-21 Florian Wilkens , Steffen Haas , Johanna Amann , Mathias Fischer

QUIC is a secure transport protocol that improves the performance of HTTPS. An initial QUIC handshake that enforces a strict validation of the client's source address requires two round-trips. In this work, we extend QUIC's address…

Networking and Internet Architecture · Computer Science 2019-05-06 Erik Sy , Christian Burkert , Tobias Mueller , Hannes Federrath , Mathias Fischer

Most modern web browsers today sacrifice optimal TLS security for backward compatibility. They apply coarse-grained TLS configurations that support (by default) legacy versions of the protocol that have known design weaknesses, and weak…

Cryptography and Security · Computer Science 2018-09-18 Eman Salem Alashwali , Kasper Rasmussen

TLS is the most widely used cryptographic protocol on the Internet. While many recent studies focused on its use in HTTPS, none so far analyzed TLS usage in e-mail related protocols, which often carry highly sensitive information. Since…

Cryptography and Security · Computer Science 2015-11-03 Wilfried Mayer , Aaron Zauner , Martin Schmiedecker , Markus Huber

Recently, many organizations have been installing middleboxes in their networks in large numbers to provide various services to their customers. Although middleboxes have the advantage of not being dependent on specific hardware and being…

Cryptography and Security · Computer Science 2023-09-29 Taehyun Ahn , Jiwon Kwak , Seungjoo Kim

Network middle-boxes often classify the traffic flows on the Internet to perform traffic management or discriminate one traffic against the other. As the widespread adoption of HTTPS protocol has made it difficult to classify the traffic…

Cryptography and Security · Computer Science 2021-01-13 Vinod S. Khandkar , Manjesh K. Hanawal

Forward Secrecy (FS) is a security property in key-exchange algorithms which guarantees that a compromise in the secrecy of a long-term private-key does not compromise the secrecy of past session keys. With a growing awareness of long-term…

Cryptography and Security · Computer Science 2019-07-02 Eman Salem Alashwali , Pawel Szalachowski , Andrew Martin

Today, Internet becomes the essential part of our lives. Over 90 percent of the ecommerce is developed on the Internet. A security algorithm became very necessary for producer client transactions assurance and the financial applications…

Cryptography and Security · Computer Science 2009-07-30 R. K. Pateriya , J. L. Rana , S. C. Shrivastava , Jaideep Patel

In this paper, we revisit the performance of the QUIC connection setup and relate the design choices for fast and secure connections to common Web deployments. We analyze over 1M Web domains with 272k QUIC-enabled services and find two…

Networking and Internet Architecture · Computer Science 2023-02-03 Marcin Nawrocki , Pouyan Fotouhi Tehrani , Raphael Hiesgen , Jonas Mücke , Thomas C. Schmidt , Matthias Wählisch

In webpage fingerprinting, an on-path adversary infers the specific webpage loaded by a victim user by analysing the patterns in the encrypted TLS traffic exchanged between the user's browser and the website's servers. This work studies…

Cryptography and Security · Computer Science 2023-10-30 Vasilios Mavroudis , Jamie Hayes

On today's Internet, combining the end-to-end security of TLS with Content Delivery Networks (CDNs) while ensuring the authenticity of connections results in a challenging delegation problem. When CDN servers provide content, they have to…

Cryptography and Security · Computer Science 2020-11-19 Lukas Alber , Stefan More , Sebastian Ramacher

TLS stripping attacks expose sensitive web traffic by forcing secure HTTPS connections to fall back to unencrypted HTTP. At present, protection against these attacks relies on website operators explicitly opting into security by deploying…

Cryptography and Security · Computer Science 2026-05-29 Aaron van Diepen , Adrian Zapletal , Fernando Kuipers

As Internet users have become more savvy about the potential for their Internet communication to be observed, the use of network traffic encryption technologies (e.g., HTTPS/TLS) is on the rise. However, even when encryption is enabled,…

Cryptography and Security · Computer Science 2020-07-09 Nguyen Phong Hoang , Arian Akhavan Niaki , Nikita Borisov , Phillipa Gill , Michalis Polychronakis

Network traffic inspection, including TLS traffic, in enterprise environments is widely practiced. Reasons for doing so are primarily related to improving enterprise security (e.g., malware detection) and meeting legal requirements. To…

Cryptography and Security · Computer Science 2018-09-25 Louis Waked , Mohammad Mannan , Amr Youssef

QUIC is a performance-optimized secure transport protocol and a building block of the upcoming HTTP/3 standard. To protect against denial-of-service attacks, QUIC servers need to validate the IP addresses claimed by their clients. So far,…

Cryptography and Security · Computer Science 2019-03-25 Erik Sy

Browser fingerprinting is the identification of a browser through the network traffic captured during communication between the browser and server. This can be done using the HTTP protocol, browser extensions, and other methods. This paper…

Cryptography and Security · Computer Science 2024-10-29 Sandhya Aneja , Nagender Aneja

The centralized PKI is not a suitable solution to provide identities in large-scale IoT systems. The main problem is the high cost of managing X.509 certificates throughout their lifecycle, from installation to regular updates and…

Cryptography and Security · Computer Science 2024-02-14 Leonardo Perugini , Andrea Vesco

The majority of electronic communication today happens either via email or chat. Thanks to the use of standardised protocols electronic mail (SMTP, IMAP, POP3) and instant chat (XMPP, IRC) servers can be deployed in a decentralised but…

Cryptography and Security · Computer Science 2016-01-26 Ralph Holz , Johanna Amann , Olivier Mehani , Matthias Wachs , Mohamed Ali Kaafar

Mutual TLS (mTLS) provides strong, certificate-based authentication for both clients and servers, yet its adoption for user-facing websites remains rare. This paper presents a longitudinal study of mTLS usability, tracking 46 senior and…

Cryptography and Security · Computer Science 2026-05-01 Abubakar Sadiq Shittu , Clay Shubert , John Sadik , Scott Ruoti