Skip to search formSkip to main contentSkip to account menu

DROWN: Breaking TLS Using SSLv2

It is concluded that SSLv2 is not only weak, but actively harmful to the TLS ecosystem.
View Paper (opens in a new tab)

Raccoon Attack: Finding and Exploiting Most-Significant-Bit-Oracles in TLS-DH(E)

This work shows that due to a subtle issue in the key derivation of all TLS-DH(E) cipher suites in versions up to TLS 1.2, the premaster secret of a TLS-DH(E) session may, under certain circumstances, be leaked to an adversary, and describes a fully feasible remote attack against an otherwise-secure TLS configuration: OpenSSL with a 1032-bit DH modulus.
View Paper (opens in a new tab)

Practical (Post-Quantum) Key Combiners from One-Wayness and Applications to TLS

A construction of a dual-PRF that can be used as a drop-in replacement for current heuristic key combiners in a range of protocols and is based on concrete hardness assumptions, phrased in the spirit of one-wayness.
View Paper (opens in a new tab)

Session Resumption Protocols and Efficient Forward Security for TLS 1.3 0-RTT

A new generic construction that provably provides forward security and replay resilience, based on puncturable pseudorandom functions (PPRFs) is given and it is shown that this construction can immediately be used in TLS 1.3 0-RTT and deployed unilaterally by servers, without requiring any changes to clients or the protocol.
Springer Nature (opens in a new tab)

TLS: Vulnerabilities and Improvements - Past, Present and Future

View Paper (opens in a new tab)

Scalable Scanning and Automatic Classification of TLS Padding Oracle Vulnerabilities

This work presents the first large-scale scan for CBC padding oracle vulnerabilities in TLS implementations on the modern Internet, detecting vulnerabilities that can be exploited simply by observing the content of different server responses.
View Paper (opens in a new tab)

Adaptive Probing and Communication in Sensor Networks

A common challenge is in setting the probing frequency, so as to compromise between the cost of frequent probing and the inaccuracy resulting from infrequent probing.
Publisher (opens in a new tab)

Optimizing Dijkstra for real-world performance

An even faster queue design for Dijkstra's algorithm, with results currently put the prototype implementation at about twice as fast as the Boost implementation of the algorithm on both real-world and generated large graphs.
arXiv (opens in a new tab)
By clicking accept or continuing to use the site, you agree to the terms outlined in our Privacy Policy (opens in a new tab), Terms of Service (opens in a new tab), and Dataset License (opens in a new tab)