English
Related papers

Related papers: Inductive Analysis of the Internet Protocol TLS

200 papers

We present new analytic techniques for inferring HTTP semantics from passive observations of HTTPS that can infer the value of important fields including the status-code, Content-Type, and Server, and the presence or absence of several…

Cryptography and Security · Computer Science 2018-05-30 Blake Anderson , Andrew Chi , Scott Dunlop , David McGrew

The ongoing trend to move industrial appliances from previously isolated networks to the Internet requires fundamental changes in security to uphold secure and safe operation. Consequently, to ensure end-to-end secure communication and…

Cryptography and Security · Computer Science 2022-06-02 Markus Dahlmanns , Johannes Lohmöller , Jan Pennekamp , Jörn Bodenhausen , Klaus Wehrle , Martin Henze

Recently, many organizations have been installing middleboxes in their networks in large numbers to provide various services to their customers. Although middleboxes have the advantage of not being dependent on specific hardware and being…

Cryptography and Security · Computer Science 2023-09-29 Taehyun Ahn , Jiwon Kwak , Seungjoo Kim

Analyzing users' Internet traffic data and activities has a certain impact on users' experiences in different ways, from maintaining the quality of service on the Internet and providing users with high-quality recommendation systems to…

Networking and Internet Architecture · Computer Science 2020-09-22 Aida Ramezani , Amirhossein Khajehpour , Mahdi Jafari Siavoshani

To analyse cryptographic properties of distributed systems in a systematic way, a formal theory is required. In this paper, we present a theory that allows (1) to specify distributed systems formally, (2) to verify their cryptographic wrt.…

Software Engineering · Computer Science 2018-07-06 Maria Spichkova , Radhika Bhat

Most modern web browsers today sacrifice optimal TLS security for backward compatibility. They apply coarse-grained TLS configurations that support (by default) legacy versions of the protocol that have known design weaknesses, and weak…

Cryptography and Security · Computer Science 2018-09-18 Eman Salem Alashwali , Kasper Rasmussen

Development of information technology, especially in the field of computer network allows the exchange of information faster and more complex and the data that is exchanged can vary. Security of data on communication in the network is a…

Cryptography and Security · Computer Science 2015-08-25 Heru Pranata , Leon Andretti Abdillah , Usman Ependi

Propositional Linear Temporal Logic (LTL) is a popular formalism for specifying desirable requirements and security and privacy policies for software, networks, and systems. Yet expressing such requirements and policies in LTL remains…

Logic in Computer Science · Computer Science 2026-04-09 Priscilla Kyei Danso , Mohammad Saqib Hasan , Niranjan Balasubramanian , Omar Chowdhury

The paper presents an analysis of the main mechanisms of decryption of SSL/TLS traffic. Methods and technologies for detecting malicious activity in encrypted traffic that are used by leading companies are also considered. Also, the…

Cryptography and Security · Computer Science 2019-04-18 Tamara Radivilova , Lyudmyla Kirichenko , Dmytro Ageyev , Maxim Tawalbeh , Vitalii Bulakh

Passive operating system fingerprinting reveals valuable information to the defenders of heterogeneous private networks; at the same time, attackers can use fingerprinting to reconnoiter networks, so defenders need obfuscation techniques to…

Cryptography and Security · Computer Science 2017-06-27 Blake Anderson , David McGrew

The Internet delivered in excess of forty terabytes per second in 2017 (Cisco, 2018), and over half of today's Internet traffic is encrypted (Sandvine, 2018); enabling trade worth trillions of dollars (Statista, 2017). Yet, the underlying…

Cryptography and Security · Computer Science 2020-10-02 Ben Smyth

TLS uses X.509 certificates for server authentication. A X.509 certificate is a complex document and various innocent errors may occur while creating/ using it. Also, many certificates belong to malicious websites and should be rejected by…

Cryptography and Security · Computer Science 2017-05-26 Sankalp Bagaria , R. Balaji , B. S. Bindhumadhava

HTTPS is quickly rising alongside the need of Internet users to benefit from security and privacy when accessing the Web, and it becomes the predominant application protocol on the Internet. This migration towards a secure Web using HTTPS…

Cryptography and Security · Computer Science 2020-08-20 Wazen M. Shbair , Thibault Cholez , Jerome Francois , Isabelle Chrisment

Hypertext Transfer Protocol Secure (HTTPS) protocol has become an integral part of modern Internet technology. Currently, it is the primary protocol for commercialized web applications. It can provide a fast, secure connection with a…

Cryptography and Security · Computer Science 2022-09-28 Gordon King , Hans Wang

Internet has played a vital role in this modern world, the possibilities and opportunities offered are limitless. Despite all the hype, Internet services are liable to intrusion attack that could tamper the confidentiality and integrity of…

Cryptography and Security · Computer Science 2009-06-23 M. A. Faizal , M. Mohd Zaki , S. Shahrin , Y. Robiah , S. Siti Rahayu , B. Nazrulazhar

Browser fingerprinting is the identification of a browser through the network traffic captured during communication between the browser and server. This can be done using the HTTP protocol, browser extensions, and other methods. This paper…

Cryptography and Security · Computer Science 2024-10-29 Sandhya Aneja , Nagender Aneja

There are often situations where two remote users each have data, and wish to (i) verify the equality of their data, and (ii) whenever a discrepancy is found afterwards, determine which of the two modified his data. The most common example…

Information Theory · Computer Science 2023-10-31 Go Kato , Mikio Fujiwara , Toyohiro Tsurumaru

Except for the traditional threat that candidates may want to cheat, exams have historically not been seen as a serious security problem. That threat is routinely thwarted by having invigilators ensure that candidates do not misbehave…

Cryptography and Security · Computer Science 2015-12-16 Rosario Giustolisi

Intel Software Guard Extension (SGX) offers software applications enclave to protect their confidentiality and integrity from malicious operating systems. The SSL/TLS protocol, which is the de facto standard for protecting transport-layer…

Cryptography and Security · Computer Science 2017-09-28 Yuan Xiao , Mengyuan Li , Sanchuan Chen , Yinqian Zhang

In this paper, we propose the use of interactive theorem proving for explainable machine learning. After presenting our proposition, we illustrate it on the dedicated application of explaining security attacks using the Isabelle…

Software Engineering · Computer Science 2022-01-03 Florian Kammüller