The most dangerous code in the world: validating SSL certificates in non-browser software
SSL (Secure Sockets Layer) is the de facto standard for secure Internet communications.
Security of SSL connections against an active network attacker depends on correctly …
SoK: SSL and HTTPS: Revisiting past challenges and evaluating certificate trust model enhancements
J Clark, PC Van Oorschot - 2013 IEEE Symposium on Security …, 2013 - ieeexplore.ieee.org
Internet users today depend daily on HTTPS for secure communication with sites they intend
to visit. Over the years, many attacks on HTTPS and the certificate trust model it uses have …
Using frankencerts for automated adversarial testing of certificate validation in SSL/TLS implementations
Modern network security rests on the Secure Sockets Layer (SSL) and Transport Layer
Security (TLS) protocols. Distributed systems, mobile and desktop applications, embedded …
Data usage-based privacy and security issues in mobile app recommendation (MAR): a systematic literature review
Purpose: Similarly, Zhu et al. (2014) and Zhang et al. (2014) stated that addressing privacy
concerns with the recommendation process is necessary for the healthy development of app …
Ron was wrong, Whit is right
We performed a sanity check of public keys collected on the web. Our main goal was to test
the validity of the assumption that different random choices are made each time keys are …
Tracking certificate misissuance in the wild
D Kumar, Z Wang, M Hyder, J Dickinson… - … IEEE Symposium on …, 2018 - ieeexplore.ieee.org
Certificate Authorities (CAs) regularly make mechanical errors when issuing certificates. To
quantify these errors, we introduce ZLint, a certificate linter that codifies the policies set forth …
Towards a complete view of the certificate ecosystem
B VanderSloot, J Amann, M Bernhard… - Proceedings of the …, 2016 - dl.acm.org
The HTTPS certificate ecosystem has been of great interest to the measurement and security
communities. Without any ground truth, researchers have attempted to study this PKI from a …
QR code security: A survey of attacks and challenges for usable security
QR (Quick Response) codes are two-dimensional barcodes with the ability to encode
different types of information. Because of their high information density and robustness, QR …
When HTTPS meets CDN: A case of authentication in delegated service
Content Delivery Network (CDN) and Hypertext Transfer Protocol Secure (HTTPS) are two
popular but independent web technologies, each of which has been well studied …
TLS in the wild: An Internet-wide analysis of TLS-based protocols for electronic communication
R Holz, J Amann, O Mehani, M Wachs… - arXiv preprint arXiv …, 2015 - arxiv.org
The majority of electronic communication today happens either via email or chat. Thanks to
the use of standardised protocols electronic mail (SMTP, IMAP, POP3) and instant chat …