Easing the conscience with OPC UA: An internet-wide study on insecure deployments
Due to increasing digitalization, formerly isolated industrial networks, eg, for factory and
process automation, move closer and closer to the Internet, mandating secure …
process automation, move closer and closer to the Internet, mandating secure …
We really need to talk about session tickets: A {Large-Scale} analysis of cryptographic dangers with {TLS} session tickets
Session tickets improve the performance of the TLS protocol. They allow abbreviating the
handshake by using secrets from a previous session. To this end, the server encrypts the …
handshake by using secrets from a previous session. To this end, the server encrypts the …
Raccoon Attack: Finding and Exploiting {Most-Significant-Bit-Oracles} in {TLS-DH (E})
Diffie-Hellman key exchange (DHKE) is a widely adopted method for exchanging
cryptographic key material in real-world protocols like TLS-DH (E). Past attacks on TLS-DH …
cryptographic key material in real-world protocols like TLS-DH (E). Past attacks on TLS-DH …
Missed opportunities: Measuring the untapped TLS support in the industrial Internet of Things
The ongoing trend to move industrial appliances from previously isolated networks to the
Internet requires fundamental changes in security to uphold secure and safe operation …
Internet requires fundamental changes in security to uphold secure and safe operation …
Session resumption protocols and efficient forward security for TLS 1.3 0-RTT
Abstract The TLS 1.3 0-RTT mode enables a client reconnecting to a server to send
encrypted application-layer data in “0-RTT”(“zero round-trip time”), without the need for a …
encrypted application-layer data in “0-RTT”(“zero round-trip time”), without the need for a …
Ten years of zmap
Since ZMap's debut in 2013, networking and security researchers have used the open-
source scanner to write hundreds of research papers that study Internet behavior. In …
source scanner to write hundreds of research papers that study Internet behavior. In …
Open to a fault: On the passive compromise of {TLS} keys via transient errors
GA Sullivan, J Sippe, N Heninger… - 31st USENIX Security …, 2022 - usenix.org
It is well known in the cryptographic literature that the most common digital signature
schemes used in practice can fail catastrophically in the presence of faults during …
schemes used in practice can fail catastrophically in the presence of faults during …
Retina: analyzing 100GbE traffic on commodity hardware
As network speeds have increased to over 100 Gbps, operators and researchers have lost
the ability to easily ask complex questions of reassembled and parsed network traffic. In this …
the ability to easily ask complex questions of reassembled and parsed network traffic. In this …
Postcards from the post-http world: Amplification of https vulnerabilities in the web ecosystem
HTTPS aims at securing communication over the Web by providing a cryptographic
protection layer that ensures the confidentiality and integrity of communication and enables …
protection layer that ensures the confidentiality and integrity of communication and enables …
Tracking users across the web via TLS session resumption
User tracking on the Internet can come in various forms, eg, via cookies or by fingerprinting
web browsers. A technique that got less attention so far is user tracking based on TLS and …
web browsers. A technique that got less attention so far is user tracking based on TLS and …