Speaking in tongues practical evaluation of TLS cipher suites compatibility

机译：说实话TLS密码套件兼容性的实际评估

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

The Transport Layer Security (TLS) protocol is still the de-facto standard for secure network connections over an insecure medium like the internet. But its flexibility concerning the algorithms used for securing a channel between two parties can also be a weakness, due to the possible agreement on insecure ciphers. In this work we examine an existing white paper (Applied Crypto Hardening) giving recommendations on how to securely configure SSL/TLS connections with regard to the practical feasibility of these recommendations. In addition we propose an additional configuration set with the aim of increasing compatibility as well as security. We also developed a small Cipher Negotiation Crawler (CiNeg) to test TLS-handshakes using given cipher configurations with a supplied list of websites and show its practical usability.

机译：传输层安全性（TLS）协议仍然是通过不安全介质（例如Internet）进行安全网络连接的事实上的标准。但是，由于可能会在不安全的密码上达成一致，因此在用于确保两方之间的信道安全的算法方面的灵活性也可能是一个弱点。在这项工作中，我们研究了一份现有的白皮书（应用加密强化），其中就这些建议的实际可行性提供了有关如何安全配置SSL / TLS连接的建议。另外，我们提出了一个额外的配置集，旨在提高兼容性和安全性。我们还开发了一个小型密码协商爬网程序（CiNeg），以使用给定的密码配置以及提供的网站列表来测试TLS握手，并显示其实际可用性。

著录项

来源
《International Joint Conference on e-Business and Telecommunications》|2015年|13-23|共11页
会议地点
作者
Manuel Koschuch; Taro Fruhwirth; Alexander Glaser; Silvie Schmidt; Matthias Hudler;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类
关键词
Ciphers; Servers; Protocols; Usability; Market research;

机译：密码;服务器;协议;可用性;市场研究;

相似文献

外文文献
中文文献
专利

1. Nonce reuse/misuse resistance authentication encryption schemes for modern TLS cipher suites and QUIC based web servers [J] . Journal of intelligent & fuzzy systems: Applications in Engineering and Technology . 2020,第5aPta2期

机译：NANCE重用/滥用电阻认证加密计划，用于现代TLS密码套件和基于Quic的Web服务器
2. Investigating the Multi-Ciphersuite and Backwards-Compatibility Security of the Upcoming TLS 1.3 [J] . Lan Xiao, Xu Jing, Zhang Zhen-Feng, IEEE transactions on dependable and secure computing . 2019,第2期

机译：研究即将推出的TLS 1.3的多机种和向后兼容的安全性
3. Investigating the Multi-Ciphersuite and Backwards-Compatibility Security of the Upcoming TLS 1.3 [J] . Lan Xiao, Xu Jing, Zhang Zhen-Feng, IEEE transactions on dependable and secure computing . 2019,第2期

机译：调查即将到来的TLS 1.3的多Ciphersuite和倒退兼容性安全性
4. Speaking in tongues practical evaluation of TLS cipher suites compatibility [C] . Manuel Koschuch, Taro Fruhwirth, Alexander Glaser, International Joint Conference on e-Business and Telecommunications . 2015

机译：在舌头演讲的实际评估TLS Cipher Suites兼容性
5. The divine methodology: Speaking in tongues, and insights on second language acquisition [D] . Donnelly, Marcos 2008

机译：神圣方法：用舌头说话，以及第二语言习得的见解
6. A Practical Evaluation on RSA and ECC-Based Cipher Suites for IoT High-Security Energy-Efficient Fog and Mist Computing Devices [O] . Manuel Suárez-Albela, Paula Fraga-Lamas, Tiago M. Fernández-Caramés 2018

机译：基于RSA和ECC的密码套件的物联网高安全性节能雾和雾计算设备的实用评估
7. AES-CCM Elliptic Curve Cryptography (ECC) Cipher Suites for TLS [O] . D. McGrew, D. Bailey, M. Campagna, 2014

机译：AES-CCM椭圆曲线加密（ECC）用于TLS的密码套件

Speaking in tongues practical evaluation of TLS cipher suites compatibility

摘要

著录项

相似文献

相关主题

期刊订阅