English
Related papers

Related papers: Does "www." Mean Better Transport Layer Security?

200 papers

Domain name system communication may provide sensitive information on users' Internet activity. DNS-over-TLS and DNS-over-HTTPS are proposals aiming at increasing the privacy of Internet end users. In this paper we present an overview of…

Networking and Internet Architecture · Computer Science 2022-04-11 Kamil Jerabek , Ondrej Rysavy , Ivana Burgetova

Most TLS clients such as modern web browsers enforce coarse-grained TLS security configurations. They support legacy versions of the protocol that have known design weaknesses, and weak ciphersuites that provide fewer security guarantees…

Cryptography and Security · Computer Science 2018-09-18 Eman Salem Alashwali , Pawel Szalachowski

Cloud providers' support for network evasion techniques that misrepresent the server's domain name is more prevalent than previously believed, which has serious implications for security and privacy due to the reliance on domain names in…

Cryptography and Security · Computer Science 2023-07-18 Blake Anderson , David McGrew

Over the last decade, Web traffic has significantly shifted towards HTTPS due to an increased awareness for privacy. However, DNS traffic is still largely unencrypted, which allows user profiles to be derived from plaintext DNS queries.…

Networking and Internet Architecture · Computer Science 2023-05-04 Mike Kosek , Luca Schumann , Robin Marx , Trinh Viet Doan , Vaibhav Bajpai

Virtually every connection to an Internet service is preceded by a DNS lookup which is performed without any traffic-level protection, thus enabling manipulation, redirection, surveillance, and censorship. To address these issues, large…

Cryptography and Security · Computer Science 2019-10-08 Sandra Siby , Marc Juarez , Claudia Diaz , Narseo Vallina-Rodriguez , Carmela Troncoso

Integrity and trust on the web build on X.509 certificates. Misuse or misissuance of these certificates threaten the Web PKI security model, which led to the development of several guarding techniques. In this paper, we study the DNS/DNSSEC…

Cryptography and Security · Computer Science 2024-07-03 Pouyan Fotouhi Tehrani , Raphael Hiesgen , Teresa Lübeck , Thomas C. Schmidt , Matthias Wählisch

The loading of resources from third-parties has evoked new security and privacy concerns about the current world wide web. Building on the concepts of forced and implicit trust, this paper examines cross-domain transmission control protocol…

Cryptography and Security · Computer Science 2021-06-28 Jukka Ruohonen , Joonas Salovaara , Ville Leppänen

This document presents TLS and how to make it secure enough as of 2014 Spring. Of course all the information given here will rot with time. Protocols known as secure will be cracked and will be replaced with better versions. Fortunately we…

Cryptography and Security · Computer Science 2014-07-09 Emmanuel Dreyfus

Transport Layer Security (TLS) is the base for many Internet applications and services to achieve end-to-end security. In this paper, we provide guidance on how to measure TLS deployments, including X.509 certificates and Web PKI. We…

Networking and Internet Architecture · Computer Science 2024-02-01 Pouyan Fotouhi Tehrani , Eric Osterweil , Thomas C. Schmidt , Matthias Wählisch

Browsers can detect malicious websites that are provisioned with forged or fake TLS/SSL certificates. However, they are not so good at detecting malicious websites if they are provisioned with mistakenly issued certificates or certificates…

Cryptography and Security · Computer Science 2017-07-21 Abhishek Singh , Binanda Sengupta , Sushmita Ruj

Default configuration of various software applications often neglects security objectives. We tested the default configuration of TLS in dozen web and application servers. The results show that "secure by default" principle should be…

Cryptography and Security · Computer Science 2017-08-28 Martin Stanek

DNS is a vital component for almost every networked application. Originally it was designed as an unencrypted protocol, making user security a concern. DNS-over-HTTPS (DoH) is the latest proposal to make name resolution more secure. In this…

Networking and Internet Architecture · Computer Science 2019-09-16 Timm Boettger , Felix Cuadrado , Gianni Antichi , Eder Leao Fernandes , Gareth Tyson , Ignacio Castro , Steve Uhlig

Nearly every service on the Internet relies on the Domain Name System (DNS), which translates a human-readable name to an IP address before two endpoints can communicate. Today, DNS traffic is unencrypted, leaving users vulnerable to…

Networking and Internet Architecture · Computer Science 2020-02-25 Austin Hounsel , Kevin Borgolte , Paul Schmitt , Jordan Holland , Nick Feamster

Although the security benefits of domain name encryption technologies such as DNS over TLS (DoT), DNS over HTTPS (DoH), and Encrypted Client Hello (ECH) are clear, their positive impact on user privacy is weakened by--the still exposed--IP…

Cryptography and Security · Computer Science 2021-06-17 Nguyen Phong Hoang , Arian Akhavan Niaki , Phillipa Gill , Michalis Polychronakis

The use of secure connections using HTTPS as the default means, or even the only means, to connect to web servers is increasing. It is being pushed from both sides: from the bottom up by client distributions and plugins, and from the top…

Networking and Internet Architecture · Computer Science 2017-06-12 George Michaelson , Matthew Roughan , Jonathan Tuke , Matt P. Wand , Randy Bush

Securing the communication between a web server and a browser is a fundamental task of securing the World Wide Web. Websites today rely heavily on HTTPS to set up secure connections. In recent years, several incidents undermined this trust…

Cryptography and Security · Computer Science 2021-05-13 Thomas Sutter , Kevin Lapagna , Peter Berlich , Marc Rennhard , Fabio Germann

In this paper, we introduce a duo of improvements for the Internet that would lead to better security. The authentication model on the Internet is broken and TLS connections have a considerable overhead. We try to address those issues with…

Cryptography and Security · Computer Science 2014-07-25 Frederic Jacobs

Public Key Infrastructures (PKIs) with their trusted Certificate Authorities (CAs) provide the trust backbone for the Internet: CAs sign certificates which prove the identity of servers, applications, or users. To be trusted by operating…

Cryptography and Security · Computer Science 2020-09-21 Jens Hiller , Johanna Amann , Oliver Hohlfeld

Malicious domains are part of the landscape of the internet but are becoming more prevalent and more dangerous to both companies and individuals. They can be hosted on variety of technologies and serve an array of content, ranging from…

Cryptography and Security · Computer Science 2024-10-08 Amanda Thomson , Leandros Maglaras , Naghmeh Moradpoor

Free content websites that provide free books, music, games, movies, etc., have existed on the Internet for many years. While it is a common belief that such websites might be different from premium websites providing the same content…

Computers and Society · Computer Science 2023-04-28 Abdulrahman Alabduljabbar , Runyu Ma , Ahmed Abusnaina , Rhongho Jang , Songqing Chen , DaeHun Nyang , and David Mohaisen