Related papers: How to Measure TLS, X.509 Certificates, and Web PKI: A Tutorial and Brief Survey

How to Measure TLS, X.509 Certificates, and Web PKI: A Tutorial and Brief Survey

URL: http://arxiv.org/abs/2401.18053v1
Date: Wed, 31 Jan 2024 18:20:36 GMT
Title: How to Measure TLS, X.509 Certificates, and Web PKI: A Tutorial and Brief Survey
Authors: Pouyan Fotouhi Tehrani, Eric Osterweil, Thomas C. Schmidt, Matthias Wählisch,
Abstract summary: Transport Layer Security (TLS) is the base for many Internet applications and services to achieve end-to-end security. We provide guidance on how to measure TLS deployments, including X.509 certificates and Web PKI.
Score: 0.8749675983608172
License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
Abstract: Transport Layer Security (TLS) is the base for many Internet applications and services to achieve end-to-end security. In this paper, we provide guidance on how to measure TLS deployments, including X.509 certificates and Web PKI. We introduce common data sources and tools, and systematically describe necessary steps to conduct sound measurements and data analysis. By surveying prior TLS measurement studies we find that diverging results are rather rooted in different setups instead of different deployments. To improve the situation, we identify common pitfalls and introduce a framework to describe TLS and Web PKI measurements. Where necessary, our insights are bolstered by a data-driven approach, in which we complement arguments by additional measurements.

Related papers

Empowering Large Language Models in Wireless Communication: A Novel Dataset and Fine-Tuning Framework [81.29965270493238]
We develop a specialized dataset aimed at enhancing the evaluation and fine-tuning of large language models (LLMs) for wireless communication applications. The dataset includes a diverse set of multi-hop questions, including true/false and multiple-choice types, spanning varying difficulty levels from easy to hard. We introduce a Pointwise V-Information (PVI) based fine-tuning method, providing a detailed theoretical analysis and justification for its use in quantifying the information content of training data.
arXiv Detail & Related papers (2025-01-16T16:19:53Z)
Misbinding Raw Public Keys to Identities in TLS [1.821556502071398]
This paper examines the security of TLS when using Raw Public Key (RPK) authentication. This mode has not been as extensively studied as X.509 certificates and Pre-Shared Keys (PSK) We develop a formal model of TLS RPK using applied pi calculus and the ProVerif verification tool, revealing that the RPK mode is susceptible to identity misbinding attacks.
arXiv Detail & Related papers (2024-11-14T19:28:09Z)
Exploring QUIC Dynamics: A Large-Scale Dataset for Encrypted Traffic Analysis [7.795761092358769]
We introduce VisQUIC, a large-scale dataset of 100,000 labeled QUIC traces from over 44,000 websites. Unlike prior datasets, VisQUIC provides SSL keys for controlled decryption, supports multiple QUIC implementations, and introduces a novel image-based representation. We present a benchmarking task for estimating HTTP/3 responses in encrypted QUIC traffic, achieving 97% accuracy using only observable packet features.
arXiv Detail & Related papers (2024-09-30T10:50:12Z)
A Comprehensive Review of TLSNotary Protocol [0.0]
We investigate the TLSNotary protocol, which aim to enable the Client to obtain proof of provenance for data from TLS session. To achieve such proofs without any Server-side adjustments or permissions, the power of secure multi-party computation (MPC) together with zero knowledge proofs is used.
arXiv Detail & Related papers (2024-09-26T09:28:51Z)
DOCBENCH: A Benchmark for Evaluating LLM-based Document Reading Systems [99.17123445211115]
We introduce DocBench, a benchmark to evaluate large language model (LLM)-based document reading systems. Our benchmark involves the recruitment of human annotators and the generation of synthetic questions. It includes 229 real documents and 1,102 questions, spanning across five different domains and four major types of questions.
arXiv Detail & Related papers (2024-07-15T13:17:42Z)
Towards automated formal security analysis of SAML V2.0 Web Browser SSO standard - the POST/Artifact use case [0.0]
Single Sign-On (SSO) protocols streamline user authentication with a unified login for multiple online services, improving usability and security. One of the most common. SSO protocol frameworks - the Security Assertion Markup Language V2.0 (SAML) Web. Single Sign-On (SSO) protocols streamline user authentication with a unified login for multiple online services, improving. usability and security.
arXiv Detail & Related papers (2024-03-18T15:11:29Z)
Performance Analysis of Security Certificate Management System in Vehicle-to-Everything (V2X) [0.0]
This study implements end entities and a Security Credential Management System conforming to IEEE 1609.2 and IEEE 1609.2.1 standards. It measures the computation and transmission times for each security communication action within the system from the perspective of end entities.
arXiv Detail & Related papers (2023-09-18T02:24:33Z)
Instruction Tuning for Large Language Models: A Survey [52.86322823501338]
This paper surveys research works in the quickly advancing field of instruction tuning (IT) In this paper, unless specified otherwise, instruction tuning (IT) will be equivalent to supervised fine-tuning (SFT)
arXiv Detail & Related papers (2023-08-21T15:35:16Z)
A Survey of Secure Computation Using Trusted Execution Environments [80.58996305474842]
This article provides a systematic review and comparison of TEE-based secure computation protocols. We first propose a taxonomy that classifies secure computation protocols into three major categories, namely secure outsourced computation, secure distributed computation and secure multi-party computation. Based on these criteria, we review, discuss and compare the state-of-the-art TEE-based secure computation protocols for both general-purpose computation functions and special-purpose ones.
arXiv Detail & Related papers (2023-02-23T16:33:56Z)
Unveiling The Mask of Position-Information Pattern Through the Mist of Image Features [75.62755703738696]
Recent studies show that paddings in convolutional neural networks encode absolute position information. Existing metrics for quantifying the strength of positional information remain unreliable. We propose novel metrics for measuring (and visualizing) the encoded positional information.
arXiv Detail & Related papers (2022-06-02T17:59:57Z)
DATA: Domain-Aware and Task-Aware Pre-training [94.62676913928831]
We present DATA, a simple yet effective NAS approach specialized for self-supervised learning (SSL) Our method achieves promising results across a wide range of computation costs on downstream tasks, including image classification, object detection and semantic segmentation.
arXiv Detail & Related papers (2022-03-17T02:38:49Z)
Self-Supervised Learning of Graph Neural Networks: A Unified Review [50.71341657322391]
Self-supervised learning is emerging as a new paradigm for making use of large amounts of unlabeled samples. We provide a unified review of different ways of training graph neural networks (GNNs) using SSL. Our treatment of SSL methods for GNNs sheds light on the similarities and differences of various methods, setting the stage for developing new methods and algorithms.
arXiv Detail & Related papers (2021-02-22T03:43:45Z)
Machine Learning Interpretability Meets TLS Fingerprinting [5.179808182296037]
We propose a framework to systematically find the most vulnerable information fields in a network protocol. focusing on the transport layer security (TLS) protocol, we perform different machine-learning-based fingerprinting attacks on the collected data. By employing the interpretation techniques developed in the machine learning community and applying our framework, we find the most vulnerable information fields in the TLS protocol.
arXiv Detail & Related papers (2020-11-12T10:37:45Z)

This list is automatically generated from the titles and abstracts of the papers in this site.