We advance the study of secure stream-based channels (Fischlin et al., CRYPTO '15) by considering the multiplexing of many data streams over a single channel, an essential feature of real world protocols such as TLS. Our treatment adopts the definitional perspective of Rogaway and Stegers (CSF '09), which offers an elegant way to reason about what standardizing documents actually provide: a partial specification of a protocol that admits a collection of compliant, fully realized implementations. We formalize partially specified channels as the component algorithms of two parties communicating over a channel. Each algorithm has an oracle that provides specification details ; the algorithms abstract the things that must be explicitly specified, while the oracle abstracts the things that need not be. Our security notions, which capture a variety of privacy and integrity goals, allow the adversary to respond to these oracle queries; security relative to these notions implies that the channel withstands attacks in the presence of worst-case (i.e., adversarial) realizations of the specification details. We apply this framework to a formal treatment of the TLS 13 record and, in doing so, show that its security hinges crucially upon details left unspecified by the standard.
more »
« less
TLS 1.3 in Practice:How TLS 1.3 Contributes to the Internet
More Like this
-
-
The goal of this project is to characterize and constrain the physical mechanisms that control snowmelt delivery to streams in headwater basins. This project leverages new observation and modeling techniques to quantify and simulate the snow distribution, water holding capacity, snowmelt production, and dynamic flowpaths. This is achieved through state-of-the-science observation techniques including ground penetrating radar (GPR), Terrestrial LiDAR Scanning (TLS), global positioning system (GPS) instrumentation, a network of sensor nodes continuously measuring soil moisture and snow depth, and a weir to monitor streamflow. Finally, hydrologic modeling will be conducted with the Structure for Unified Multiple Modeling Alternatives (SUMMA) model to assess the impact of modeling decisions and the ability to simulate snowmelt dynamics. The overarching research question of this project is: How do snowpack liquid water storage and through-snow hydrologic flowpaths affect hillslope-stream connectivity, and how do these processes evolve throughout the snowmelt season? This research question will be investigated in a snow-dominated headwater catchment. This work will observe and simulate the spatially and temporally variable snowmelt season to complete the following project objectives: O1) Map the dynamics of catchment snow water equivalent (SWE) using TLS surveys, GPR surveys, a network of sensor nodes, and manual observations. O2) Monitor the spatial and temporal progression of snowpack liquid water content and transport using combined TLS and GPR surveys, automated GPS signal attenuation, soil moisture sensors, and catchment streamflow response. O3) Evaluate the skill of hydrologic models to simulate the observed dynamics of the snowpack, soil, and streamflow response by systematically analyzing multiple model representations of hydrologic processes and scaling behavior. The work builds upon decades of local research in hydrology, biogeochemistry, and ecological processes.more » « less
- Free Publicly Accessible Full Text
-
Accepted Manuscript1.0
- Conference Paper:
- https://doi.org/10.1145/3442381.3450057
