Results 1 - 10 of 108
Lucky Microseconds: A Timing Attack on Amazon’s s2n Implementation of TLS
, 2015
"... s2n is an implementation of the TLS protocol that was released in late June 2015 by Amazon. It is implemented in around 6,000 lines of C99 code. By comparison, OpenSSL needs around 70,000 lines of code to implement the protocol. At the time of its release, Amazon announced that s2n had undergone thr ..."
4). Lucky thirteen: Breaking the TLS and DTLS record protocols. Retrieved July 5, 2013 from http://www.isg.rhul.ac.uk/tls/Lucky13.html
- Department of Commerce, NIST
, 2013
"... Abstract The Transport Layer Security (TLS) protocol aims to provide confidentiality and integrity of data in transit across untrusted networks. TLS has become the de facto secure protocol of choice for Internet and mobile applications. DTLS is a variant of TLS that is growing in importance. In thi ..."
Cited by 35 (4 self)
. In this paper, we present distinguishing and plaintext recovery attacks against TLS and DTLS. The attacks are based on a delicate timing analysis of decryption processing in the two protocols. We include experimental results demonstrating the feasibility of the attacks in realistic network environments
Revisiting SSL/TLS implementations: New bleichenbacher side channels and attacks
- In 23rd USENIX Security Symposium (USENIX Security 14) (2014), USENIX Association
"... As a countermeasure against the famous Bleichenbacher attack on RSA based ciphersuites, all TLS RFCs starting from RFC 2246 (TLS 1.0) propose “to treat incorrectly formatted messages in a manner indistinguishable from correctly formatted RSA blocks”. In this paper we show that this objective has not ..."
Cited by 7 (2 self)
of these side channels are timing-based, and two of them provide the first timing-based Bleichenbacher attacks on SSL/TLS described in the literature. Our measurements confirmed that all these side channels are observable over a switched network, with timing differences between 1 and 23 microseconds. We were
On the Security of TLS 1.3 and QUIC Against Weaknesses in PKCS#1 v1.5 Encryption
"... Encrypted key transport with RSA-PKCS#1 v1.5 is the most commonly deployed key exchange method in all current versions of the Transport Layer Security (TLS) protocol, including the most recent version 1.2. However, it has several well-known issues, most importantly that it does not provide forward ..."
Cited by 1 (1 self)
forward secrecy, and that it is prone to side channel attacks that may enable an attacker to learn the session key used for a TLS session. A long history of attacks shows that RSA-PKCS#1 v1.5 is extremely difficult to implement securely. The current draft of TLS version 1.3 dispenses with this encrypted
Supervised by
, 2007
"... I would like to thank my parents for always believing in me. I would also like to thank my supervisors Richard Lindner and Johannes Buchmann for their useful comments and suggestions on how to improve the quality of the thesis. Not on last place I would like to thank Vadim Lyubashevsky and Luis Car ..."
I would like to thank my parents for always believing in me. I would also like to thank my supervisors Richard Lindner and Johannes Buchmann for their useful comments and suggestions on how to improve the quality of the thesis. Not on last place I would like to thank Vadim Lyubashevsky and Luis Carlos Coronado Garcia for their kindness and readiness to answer my questions. Warranty I hereby warrant that the content of this thesis is the direct result of my own work and that any use made in it of published or unpublished material is fully and correctly referenced. I also warrant that the presented work has
The Most Dangerous Code in the World: Validating SSL Certificates in Non-Browser Software
"... SSL (Secure Sockets Layer) is the de facto standard for secure Internet communications. Security of SSL connections against an active network attacker depends on correctly validating public-key certificates presented when the connection is established. We demonstrate that SSL certificate validation ..."
Cited by 46 (3 self)
this middleware. Any SSL connection from any of these programs is insecure against a man-in-the-middle attack. The root causes of these vulnerabilities are badly designed APIs of SSL implementations (such as JSSE, OpenSSL, and GnuTLS) and data-transport libraries (such as cURL) which present developers with a
22.10.2009 Implementation of a Peer-to-Peer Multiplayer Game with Realtime Requirements
"... Massively multiplayer online games (MMOGs) have become increasingly popular in the recent years, particularly in the form of online role-playing games (MMORPGs). These games support up to several ten thousand players interacting in a virtual game world. The current commercially successful games are ..."
serious alternative. This work analyzes the implementation of both a client-server and a peer-to-peer networking model for the prototype shooter game Planet π4. Initially, a survey introduces recent academic approaches to peer-to-peer systems specifically designed for games. Of those, one system
und Computeralgebra (CDC) Algebraic methods in analyzing lightweight cryptographic symmetric primitives
"... Algebraic methods in analyzing ..."