Securing SSL certificate verification through dynamic linking
A Bates, J Pletcher, T Nichols, B Hollembaek… - Proceedings of the …, 2014 - dl.acm.org
Recent discoveries of widespread vulnerabilities in the SSL/TLS protocol stack, particular
with regard to the verification of server certificates, has left the security of the Internet's …
with regard to the verification of server certificates, has left the security of the Internet's …
{AuthLoop}:{End-to-End} cryptographic authentication for telephony over voice channels
Telephones remain a trusted platform for conducting some of our most sensitive exchanges.
From banking to taxes, wide swathes of industry and government rely on telephony as a …
From banking to taxes, wide swathes of industry and government rely on telephony as a …
Scaling pseudonymous authentication for large mobile systems
The central building block of secure and privacy-preserving Vehicular Communication (VC)
systems is a Vehicular Public-Key Infrastructure (VPKI), which provides vehicles with …
systems is a Vehicular Public-Key Infrastructure (VPKI), which provides vehicles with …
What's in a downgrade? A taxonomy of downgrade attacks in the TLS protocol and application protocols using TLS
ES Alashwali, K Rasmussen - … 2018, Singapore, Singapore, August 8-10 …, 2018 - Springer
A number of important real-world protocols including the Transport Layer Security (TLS)
protocol have the ability to negotiate various security-related choices such as the protocol …
protocol have the ability to negotiate various security-related choices such as the protocol …
Vulnerability prioritization, root cause analysis, and mitigation of secure data analytic framework implemented with mongodb on singularity linux containers
A Vulnerability Management system is a disciplined, programmatic approach to discover
and mitigate vulnerabilities in a system. While securing systems from data exploitation and …
and mitigate vulnerabilities in a system. While securing systems from data exploitation and …
Stale TLS certificates: investigating precarious third-party access to valid TLS keys
Certificate authorities enable TLS server authentication by generating certificates that attest
to the mapping between a domain name and a cryptographic keypair, for up to 398 days …
to the mapping between a domain name and a cryptographic keypair, for up to 398 days …
A global perspective on an emotional learning model proposal
Existing literature argues that emotions have a significant impact on the majority of human
activities and functions. The learning process is one of the activities on which emotions have …
activities and functions. The learning process is one of the activities on which emotions have …
SoK: Delegation and Revocation, the Missing Links in the Web's Chain of Trust
The ability to quickly revoke a compromised key is critical to the security of any public-key
infrastructure. Regrettably, most traditional certificate revocation schemes suffer from …
infrastructure. Regrettably, most traditional certificate revocation schemes suffer from …
SoK: Log based transparency enhancing technologies
A Hicks - arXiv preprint arXiv:2305.01378, 2023 - arxiv.org
This paper systematizes log based Transparency Enhancing Technologies. Based on work
on transparency from multiple disciplines we outline the purpose, usefulness, and pitfalls of …
on transparency from multiple disciplines we outline the purpose, usefulness, and pitfalls of …
A technique to circumvent SSL/TLS validations on iOS devices
CJ D'Orazio, KKR Choo - Future Generation Computer Systems, 2017 - Elsevier
SSL/TLS validations such as certificate and public key pinning can reinforce the security of
encrypted communications between Internet-of-Things devices and remote servers, and …
encrypted communications between Internet-of-Things devices and remote servers, and …