1 |
E. Rescorla and N. Modadugu, "Datagram Transport Layer Security Version 1.2.," RFC 6347 (Proposed Standard), Jan. 2012.
|
2 |
A. Bittau, M. Hamburg, M. Handley, D. Mazieres, and D. Boneh, "The case for ubiquitous transport-level encryption.," USENIX Security Symposium, pp. 403-418, Aug. 2010.
|
3 |
J. Roskind, QUIC (Quick UDP Internet Connections): Multiplexed Stream Transport Over UDP, Dec. 2013.
|
4 |
C. Kaufman, P. Hoffman, Y. Nir, P. Eronen, and T. Kivinen, "Internet Key Exchange Protocol Version 2 (IKEv2).," RFC 7296 (INTERNET STANDARD), Oct. 2014.
|
5 |
T. Duong and J. Rizzo, "Here come the XOR Ninjas," White paper, Netifera, 2011.
|
6 |
T. Be'ery and A. Shulman, "A perfect crime? only time will tell," Black Hat Europe 2013, Mar. 2013.
|
7 |
N. J. A. Fardan and K. Paterson, "Lucky Thirteen: Breaking the TLS and DTLS Record Protocols," Security and Privacy (SP), 2013 IEEE Symposium on, pp. 526-540, IEEE, May 2013. Article (CrossRef Link)
|
8 |
N. J. AlFardan, D. J. Bernstein, K. G. Paterson, B. Poettering, and J. Schuldt, "On the Security of RC4 in TLS," USENIX Security Symposium, pp. 305-320, Aug. 2013.
|
9 |
Z. Durumeric, J. Kasten, D. Adrian, J. A. Halderman, M. Bailey, F. Li, N. Weaver, J. Amann, J. Beekman, M. Payer et al., "The Matter of Heartbleed," in Proc. of the 2014 Conference on Internet Measurement Conference, pp. 475-488, ACM, May 2014. Article (CrossRef Link)
|
10 |
M. Bland, “Finding More Than One Worm in the Apple,” ACM Queue vol. 12, pp. 10:10–10:21, May 2014.
DOI
|
11 |
A. K. Yau, K. G. Paterson, and C. J. Mitchell, “Padding oracle attacks on CBC-mode encryption with secret and random IVs,” Fast Software Encryption, pp. 299–319, Springer, Feb. 2005. Article (CrossRef Link)
|
12 |
T. Jager, K. G. Paterson, and J. Somorovsky, "One bad apple: Backwards compatibility attacks on state-of-the-art cryptography," Network & Distributed System Security Symposium, Feb. 2013.
|
13 |
M. Lamberger and F. Mendel, "Higher-Order Differential Attack on Reduced SHA-256," IACR Cryptology ePrint Archive, vol. 2011, p. 37, 2011.
|
14 |
X. Wang, Y. Yin, and H. Yu, "Finding Collisions in the Full SHA-1," Advances in Cryptology-CRYPTO 2005, pp. 17-36, Aug. 2005.
|
15 |
M. Stevens, A. Lenstra, and B. Weger, "Chosen-Prefix Collisions for MD5 and Colliding X.509 Certificates for Different Identities," Advances in Cryptology-EUROCRYPT 2007, pp. 1-22, May 2007. Article (CrossRef Link)
|
16 |
P. Sepehrdad, S. Vaudenay, and M. Vuagnoux, "Discovery and Exploitation of New Biases in RC4," Selected Areas in Cryptography, pp. 74-91, Springer, Aug 2010. Article (CrossRef Link)
|
17 |
K. Hu, T. Wolf, T. Teixeira and R. Tessier, "System-level security for network processors with hardware monitors," Design Automation Conference (DAC), 2014 51st ACM/EDAC/IEEE, Jun. 2014.
|
18 |
E. S. Freire, D. Hofheinz, E. Kiltz, and K. G. Paterson, "Non-Interactive Key Exchange," Public-Key Cryptography-PKC 2013, pp. 254-271, Springer, 2013. Article (CrossRef Link)
|
19 |
H. Krawczyk, "HMQV: A High-Performance Secure Diffie-Hellman Protocol," in Proc. of the 25th Annual International Conference on Advances in Cryptology, CRYPTO'05, pp. 546-566, Springer-Verlag, 2005. Article (CrossRef Link)
|
20 |
A. C.-C. Yao and Y. Zhao, "OAKE: a new family of implicitly authenticated diffie-hellman protocols," in Proc. of the 2013 ACM SIGSAC conference on Computer & communications security, CCS '13, pp. 1113-1128, ACM, Apr. 2013. Article (CrossRef Link)
|
21 |
A. Freier, P. Karlton, and P. Kocher, "The Secure Sockets Layer (SSL) Protocol Version 3.0," RFC 6101 (Historic), Aug. 2011.
|
22 |
B. Sullivan, “Cryptographic Agility: Defending Against the Sneakers Scenario,” MSDN Magazine, Aug. 2009.
|
23 |
M. Howard and S. Lipner, The security development lifecycle, O'Reilly Media, Incorporated, 2009.
|
24 |
S. Kent and K. Seo, "Security Architecture for the Internet Protocol," RFC 4301 (Proposed Standard), Dec. 2005.
|
25 |
T. Dierks and E. Rescorla, "The Transport Layer Security (TLS) Protocol Version 1.2," RFC 5246 (Proposed Standard), Aug. 2008.
|
26 |
T. Ylonen and C. Lonvick, "The Secure Shell (SSH) Protocol Architecture," RFC 4251 (Proposed Standard), Jan. 2006.
|
27 |
W. M. Petullo, X. Zhang, J. A. Solworth, D. J. Bernstein, and T. Lange, "MinimaLT: minimal-latency networking through better security," in Proc. of the 2013 ACM SIGSAC conference on Computer & communications security, pp. 425-438, ACM, 2013. Article (CrossRef Link)
|
28 |
I. Lasc, R. Dojen, and T. Coffey, “On the detection of desynchronisation attacks against security protocols that use dynamic shared secrets,” Computers & Security, vol. 32, pp. 115–129, Nov. 2012. Article (CrossRef Link)
DOI
|
29 |
A. D. Jurcut, T. Coffey, and R. Dojen, “Design guidelines for security protocols to prevent replay and parallel session attacks,” Computers and Security, vol. 45, pp. 255–273, Jun. 2014. Article (CrossRef Link)
DOI
|
30 |
V. Vasic, A. Kukec, and M. Mikuc, "Deploying new hash algorithms in secure neighbor discovery," in Proc. of 2011 19th International Conference on Software Telecommunications and Computer Networks (SoftCOM), Sept. 2011.
|
31 |
W. Aiello, S. Bellovin, M. Blaze, R. Canetti, J. Ioannidis, A. Keromytis, and O. Reingold, “Just fast keying: Key agreement in a hostile internet,” ACM Transactions on Information and System Security (TISSEC), vol. 7, no. 2, pp. 242–273, May 2004. Article (CrossRef Link)
DOI
|
32 |
H. Krawczyk, “Perfect forward secrecy,” Encyclopedia of Cryptography and Security, pp. 921–922, Springer Science & Business Media, 2012.
|
33 |
H. Krawczyk, "Sigma: The 'SIGn-and-MAc' Approach to Authenticated Diffie-Hellman and Its Use in the IKE Protocols," Advances in Cryptology-CRYPTO 2003, pp. 400-425, Springer, Aug. 2003. Article (CrossRef Link)
|
34 |
J. Arkko, J. Kempf, B. Zill, and P. Nikander, "SEcure Neighbor Discovery (SEND)," RFC 3971 (Proposed Standard), Mar. 2005.
|
35 |
V. Vasic and M. Mikuc, "Security agility solution independent of the underlaying protocol architecture," in Proc. of the First International Conference on Agreement Technologies, Oct. 2012.
|
36 |
W. Diffie and M. Hellman, “New directions in cryptography,” Information Theory, IEEE Transactions on, vol. 22, pp. 644–654, Nov 1976. Article (CrossRef Link)
DOI
|
37 |
M. Bellare, R. Canetti, and H. Krawczyk, "Keying hash functions for message authentication," Advances in Cryptology — CRYPTO '96, pp. 1-15, Springer Berlin Heidelberg, 1996. Article (CrossRef Link)
|
38 |
H. Krawczyk, M. Bellare, and R. Canetti, "HMAC: Keyed-Hashing for Message Authentication," RFC 2104 (Informational), Feb. 1997.
|
39 |
T. Ylonen and C. Lonvick, "The Secure Shell (SSH) Transport Layer Protocol.," RFC 4253 (Proposed Standard), Jan. 2006.
|
40 |
R. Canetti and H. Krawczyk, "Security Analysis of IKE's Signature-Based Key-Exchange Protocol," Advances in Cryptology—CRYPTO 2002, pp. 143-161, Springer, Aug. 2002. Article (CrossRef Link)
|
41 |
C. J. F. Cremers, Scyther: Unbounded Verification of Security Protocols, ETH, Department of Computer Science, 2007.
|
42 |
C. J. F. Cremers, Scyther user manual, 2014.
|
43 |
C. J. F. Cremers, Scyther: Semantics and verification of security protocols, Eindhoven University of Technology, 2006.
|
44 |
G. Lowe, "A hierarchy of authentication specifications," in Proc. of 10th Computer Security Foundations Workshop, pp. 31-43, IEEE, 1997. Article (CrossRef Link)
|