More Like this

1. Partially Specified Channels: The TLS 1.3 Record Layer without Elision

   https://doi.org/10.1145/3243734.3243789  

   Patton, Christopher; Shrimpton, Thomas (January 2018, Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security)

   We advance the study of secure stream-based channels (Fischlin et al., CRYPTO '15) by considering the multiplexing of many data streams over a single channel, an essential feature of real world protocols such as TLS. Our treatment adopts the definitional perspective of Rogaway and Stegers (CSF '09), which offers an elegant way to reason about what standardizing documents actually provide: a partial specification of a protocol that admits a collection of compliant, fully realized implementations. We formalize partially specified channels as the component algorithms of two parties communicating over a channel. Each algorithm has an oracle that provides specification details ; the algorithms abstract the things that must be explicitly specified, while the oracle abstracts the things that need not be. Our security notions, which capture a variety of privacy and integrity goals, allow the adversary to respond to these oracle queries; security relative to these notions implies that the channel withstands attacks in the presence of worst-case (i.e., adversarial) realizations of the specification details. We apply this framework to a formal treatment of the TLS 13 record and, in doing so, show that its security hinges crucially upon details left unspecified by the standard. 

   more » « less
2. When TLS Meets Proxy on Mobile

   https://doi.org/https://doi.org/10.1007/978-3-030-57808-4  

   Debnath, Joyanta; Chau, Sze Yiu; Chowdhury, Omar (July 2020, Lecture notes in computer science)

   Conti, Mauro; Zhou, Jianying; Spognardi, Angelo (Ed.)

   Increasingly more mobile browsers are developed to use proxies for traffic compression and censorship circumvention. While these browsers can offer such desirable features, their security implications are, however, not well understood, especially when tangled with TLS in the mix. Apart from vendor-specific proprietary designs, there are mainly 2 models of using proxies with browsers: TLS interception and HTTP tunneling. To understand the current practices employed by proxy-based mobile browsers, we analyze 34 Android browser apps that are representative of the ecosystem, and examine how their deployments are affecting communication security. Though the impacts of TLS interception on security was studied before in other contexts, proxy-based mobile browsers were not considered previously. In addition, the tunneling model requires the browser itself to enforce certain desired security policies (e.g., validating certificates and avoiding the use of weak cipher suites), and it is preferable to have such enforcement matching the security level of conventional desktop browsers. Our evaluation shows that many proxy-based mobile browsers downgrade the overall quality of TLS sessions, by for example allowing old versions of TLS (e.g., SSLv3.0 and TLSv1.0) and accepting weak cryptographic algorithms (e.g., 3DES and RC4) as well as unsatisfactory certificates (e.g., revoked or signed by untrusted CAs), thus exposing their users to potential security and privacy threats. We have reported our findings to the vendors of vulnerable proxy-based browsers and are waiting for their response. 

   more » « less
3. OpenSSLNTRU: Faster post-quantum TLS key exchange

   Bernstein, Daniel J.; Brumley, Billy Bob; Chen, Ming-Shing; Tuveri, Nicola (August 2022, USENIX Security Symposium 2022)
4. PDoT: Private DNS-over-TLS with TEE Support

   https://doi.org/https://doi.org/10.1145/3359789.3359793  

   Yoshimichi Nakatsuka, Andrew Paverd (December 2019, Annual Computer Security Applications Conference)
5. Fingerprinting Obfuscated Proxy Traffic with Encapsulated TLS Handshakes

   Xue, Diwen; Kallitsis, Michalis; Houmansadr, Amir; Ensafi, Roya (August 2024, USENIX)