publication . Part of book or chapter of book . Preprint . 2019

Towards Forward Secure Internet Traffic

Alashwali, Eman Salem; Szalachowski, Pawel; Martin, Andrew;
Open Access
  • Published: 29 Jun 2019
  • Publisher: Springer International Publishing
Abstract
Forward Secrecy (FS) is a security property in key-exchange algorithms which guarantees that a compromise in the secrecy of a long-term private key does not compromise the secrecy of past session keys. With a growing awareness of long-term mass surveillance programs by governments and others, FS has become widely regarded as a highly desirable property. This is particularly true in the TLS protocol, which is used to secure Internet communication. In this paper, we investigate FS in pre-TLS 1.3 protocols, which do not mandate FS, but are still widely used today. We conduct an empirical analysis of over 10 million TLS servers from three different datasets using a nove...
Subjects
free text keywords: Computer Science - Cryptography and Security