Triple Handshakes and Cookie Cutters: Breaking and Fixing Authentication over TLS (original) (raw)

SSL/TLS session-aware user authentication – Or how to effectively thwart the man-in-the-middle

Ralf Hauser

Computer Communications, 2006

View PDFchevron_right

Attacking RSA-Based Sessions in SSL/TLS

Carlos Bvo

2003

View PDFchevron_right

A Modular Security Analysis of the TLS Handshake Protocol

Bogdan Warinschi

Lecture Notes in Computer Science, 2008

View PDFchevron_right

The TLS Handshake Protocol: A Modular Analysis

Bogdan Warinschi

Journal of Cryptology, 2010

View PDFchevron_right

SSL/TLS session-aware user authentication revisited

Ralf Hauser, Rolf Oppliger

Computers & Security, 2008

View PDFchevron_right

LURK: Server-Controlled TLS Delegation

migault daniel

2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)

View PDFchevron_right

Provably secure browser-based user-aware mutual authentication over TLS

Sebastian Gajek, Mark Manulis

Proceedings of the 2008 ACM symposium on Information, computer and communications security - ASIACCS '08, 2008

View PDFchevron_right

VULNERABILITIES OF THE SSL/TLS PROTOCOL

Jelena Ćurguz, Computer Science & Information Technology (CS & IT) Computer Science Conference Proceedings (CSCP)

View PDFchevron_right

Man in The Middle Attacks Against SSL/TLS: Mitigation and Defeat

nur shamma

Journal of Cyber Security and Mobility

View PDFchevron_right

Improving the Secure Socket Layer Protocol by modifying its Authentication function

Ramzi Haraty, Abdul-Nasser El-Kassar

2006 World Automation Congress, 2006

View PDFchevron_right

Session Initiation Protocol Attacks and Challenges

Atul Mishra

View PDFchevron_right

Universally Composable Security Analysis of TLS

Sebastian Gajek, Mark Manulis

Lecture Notes in Computer Science, 2008

View PDFchevron_right

Survey of the Protection Mechanisms to the SSL-based Session Hijacking Attacks

Hasanul Islam

Network Protocols and Algorithms

View PDFchevron_right

Exchanging Demands: Weaknesses in SSL Implemenations for Mobile Platforms

Craig Valli

View PDFchevron_right

The Most Dangerous Code in the World: Validating SSL Certificates in Non-Browser Software

Rishita Anubhai

2013

View PDFchevron_right

Towards securing client-server connections against man-in-the-middle attacks

Mircea Giurgiu

2012 10th International Symposium on Electronics and Telecommunications, 2012

View PDFchevron_right

A STUDY OF THE SSL AND BACKDOOR BASED ATTACKS IN NETWORK ENVIRONMENTS

SKIREC Publication- UGC Approved Journals

View PDFchevron_right

Off-Path Hacking: The Illusion of Challenge-Response Authentication

Amir Herzberg

IEEE Secur. Privacy

View PDFchevron_right

On Establishing and Fixing a Parallel Session Attack in a Security Protocol

Anca Jurcut

2008

View PDFchevron_right

Taxonomy of SSL/TLS Attacks

KEERTHI VASAN K KEERTHI VASAN K

International Journal of Computer Network and Information Security, 2016

View PDFchevron_right

SSL/TLS Session-Aware User Authentication

Ralf Hauser

Computer, 2000

View PDFchevron_right

A Proof of Concept Implementation of SSL/TLS Session-Aware User Authentication (TLS-SA)

Bruno Kaiser

Informatik aktuell, 2007

View PDFchevron_right

WPSE: Fortifying Web Protocols via Browser-Side Security Monitoring

Stefano Calzavara

View PDFchevron_right

Attacks to a proxy-mediated key agreement protocol based on symmetric encryption

David Nuñez

IACR Cryptol. ePrint Arch., 2016

View PDFchevron_right