Many in the cryptographic community scoff at the mistakes made in implementing RNGs. Many cryptographers and members of the IETF resist the call to make TLS more resilient to this class of failures. This article discusses the history, current state, and fragility of the TLS protocol, and it closes with an example of how to improve the protocol. The goal is not to suggest a solution but to start a dialog to make TLS more resilient by proving that the security of TLS without the assumption of perfect random numbers is possible.
Queue – Association for Computing Machinery
Published: Jun 30, 2022