English
Related papers

Related papers: On the Interplay between TLS Certificates and QUIC…

200 papers

Stateful Middleboxes are integral part of enterprise and campus networks that provide essential in-network, security, and value-added services. These stateful middleboxes rely on precise network flow identification. However, the adoption of…

Networking and Internet Architecture · Computer Science 2026-02-04 Hari Hara Sudhan Selvam , Sameer G. Kulkarni

Within a few years of its introduction, QUIC has gained traction: a significant chunk of traffic is now delivered over QUIC. The networking community is actively engaged in debating the fairness, performance, and applicability of QUIC for…

Networking and Internet Architecture · Computer Science 2018-10-23 Mirko Palmer , Thorben Krüger , Balakrishnan Chandrasekaran , Anja Feldmann

HTTPS is quickly rising alongside the need of Internet users to benefit from security and privacy when accessing the Web, and it becomes the predominant application protocol on the Internet. This migration towards a secure Web using HTTPS…

Cryptography and Security · Computer Science 2020-08-20 Wazen M. Shbair , Thibault Cholez , Jerome Francois , Isabelle Chrisment

QUIC, as the transport layer of the next-generation Web stack (HTTP/3), natively provides security and performance improvements over TCP-based stacks. However, since QUIC provides end-to-end encryption for both data and packet headers,…

Networking and Internet Architecture · Computer Science 2026-02-16 Jie Zhang , Lei Zhang , Ziyi Wang , Chenxiang Sun , Yuming Hu , Xiaohui Xie , Zeqi Lai , Yong Cui

The use of TLS proxies to intercept encrypted traffic is controversial since the same mechanism can be used for both benevolent purposes, such as protecting against malware, and for malicious purposes, such as identity theft or warrantless…

Cryptography and Security · Computer Science 2015-05-29 Mark O'Neill , Scott Ruoti , Kent Seamons , Daniel Zappala

Transport Layer Security (TLS) is the base for many Internet applications and services to achieve end-to-end security. In this paper, we provide guidance on how to measure TLS deployments, including X.509 certificates and Web PKI. We…

Networking and Internet Architecture · Computer Science 2024-02-01 Pouyan Fotouhi Tehrani , Eric Osterweil , Thomas C. Schmidt , Matthias Wählisch

The QUIC transport protocol represents a significant evolution in web transport technologies, offering improved performance and reduced latency compared to traditional protocols like TCP. Given the growing number of QUIC implementations,…

Networking and Internet Architecture · Computer Science 2026-02-11 Jashanjot Singh Sidhu , Abdelhak Bentaleb

The level of trust accorded to certification authorities has been decreasing over the last few years as several cases of misbehavior and compromise have been observed. Log-based approaches, such as Certificate Transparency, ensure that…

Cryptography and Security · Computer Science 2016-01-06 Laurent Chuat , Pawel Szalachowski , Adrian Perrig , Ben Laurie , Eran Messeri

QUIC protocol is primarily designed to optimize web performance and security. However, previous research has pointed out that it is vulnerable to handshake flooding attacks. Attackers can send excessive volume of handshaking requests to…

Cryptography and Security · Computer Science 2024-12-13 Abdollah Jabbari , Y A Joarder , Benjamin Teyssier , Carol Fung

The Transport Layer Security (TLS) protocol and its public-key infrastructure (PKI) are widely used in the Internet to achieve secure communication. Validating domain ownership by trusted certification authorities (CAs) is a critical step…

Cryptography and Security · Computer Science 2020-03-31 Pawel Szalachowski

QUIC has rapidly evolved into a cornerstone transport protocol for secure, low-latency communications, yet its deployment continues to expose critical security and privacy vulnerabilities, particularly during connection establishment phases…

Cryptography and Security · Computer Science 2025-07-02 Jayasree Sengupta , Debasmita Dey , Simone Ferlin-Reiter , Nirnay Ghosh , Vaibhav Bajpai

If two or more identical HTTPS clients, located at different geographic locations (regions), make an HTTPS request to the same domain (e.g. example.com), on the same day, will they receive the same HTTPS security guarantees in response? Our…

Cryptography and Security · Computer Science 2020-10-21 Eman Salem Alashwali , Pawel Szalachowski , Andrew Martin

With the introduction of QUIC, a modern transport-layer network protocol, HTTP/3 leverages its benefits to enhance web content delivery. This paper proposes a mechanism based on the recently standardized Extensible Prioritization Scheme…

Networking and Internet Architecture · Computer Science 2024-04-29 Abhinav Gupta , Radim Bartos

The ability to quickly revoke a compromised key is critical to the security of any public-key infrastructure. Regrettably, most traditional certificate revocation schemes suffer from latency, availability, or privacy problems. These…

Cryptography and Security · Computer Science 2020-09-15 Laurent Chuat , AbdelRahman Abdou , Ralf Sasse , Christoph Sprenger , David Basin , Adrian Perrig

This paper presents a practical solution to the problem of limited bandwidth in Quantum Key Distribution (QKD)- secured communication through using rapidly rekeyed Internet Protocol security (IPsec) links. QKD is a cutting-edge security…

Cryptography and Security · Computer Science 2018-01-08 Stefan Marksteiner , Benjamin Rainer , Oliver Maurhart

In Software-Defined Networks (SDNs), the control plane and data plane communicate for various purposes, such as applying configurations and collecting statistical data. While various methods have been proposed to reduce the overhead and…

Networking and Internet Architecture · Computer Science 2024-08-05 Puneet Kumar , Behnam Dezfouli

Flawed TLS certificates are not uncommon on the Internet. While they signal a potential issue, in most cases they have benign causes (e.g., misconfiguration or even deliberate deployment). This adds fuzziness to the decision on whether to…

Cryptography and Security · Computer Science 2022-07-26 Martin Ukrop , Lydia Kraus , Vashek Matyas

Quantum computing represents an emerging threat to the public key infrastructure underlying transport layer security (TLS) widely used in the Internet. This paper describes how QKD symmetric keys can be used with TLS to provide quantum…

Cryptography and Security · Computer Science 2020-07-13 Bernardo Huberman , Bob Lund , Jing Wang

While applications quickly evolve, Internet protocols do not follow the same pace. There are two root causes for this. First, extending protocol with cleartext control plane is usually hindered by various network devices such as…

Networking and Internet Architecture · Computer Science 2024-05-03 Quentin De Coninck

Satellite broadband services are critical infrastructures enabling advanced technologies to function in the most remote regions of the globe. However, status-quo services are often unencrypted by default and vulnerable to eavesdropping…

Cryptography and Security · Computer Science 2020-02-13 James Pavur , Martin Strohmeier , Vincent Lenders , Ivan Martinovic