A cross-protocol attack on the TLS protocol
Citations
409 citations
262 citations
Cites background from "A cross-protocol attack on the TLS ..."
...4) Cross-Protocol Attacks: An extended version of this paper [32] addresses cross-protocol attacks [105], [74] where parameters intended to be used in one setting (e....
[...]
202 citations
Cites background from "A cross-protocol attack on the TLS ..."
...For instance, they presented an early variant of a cross-ciphersuite attack (predating [17]) by observing that the ephemeral key exchange parameters signed by TLS servers could be misinterpreted by the client....
[...]
...In current versions of TLS, this is a difficult property to guarantee because of the possibility of cross-protocol attacks [17]....
[...]
...[16] analyzes the multi-ciphersuite security of SSH using a black-box composition technique that falls short of analyzing TLS because it does not account for cross-protocols attacks [17]....
[...]
189 citations
Cites background from "A cross-protocol attack on the TLS ..."
...On the other hand, we do not treat ciphersuite (re)negotiation nor the TLS Record Protocol’s compression or fragmentation features, meaning that, for example, none of the attacks from [19, 30, 38] are covered by our analysis....
[...]
...In view of its importance, TLS has long been the subject of intense research analysis, including, in chronological order, [41, 12, 36, 28, 25, 40, 16, 27, 5, 32, 22, 6, 33, 18, 35, 9, 2, 24, 30, 19, 13, 3, 10, 4]....
[...]
References
272,030 citations
5,145 citations
"A cross-protocol attack on the TLS ..." refers background in this paper
...The adversary in both attacks is a Dolev-Yao adversary [12], that has full control over the network communications....
[...]
2,675 citations
2,265 citations
1,956 citations
"A cross-protocol attack on the TLS ..." refers methods in this paper
...0 [9] the TLS protocol has been augmented with various other key exchange methods such as SRP, PSK or ECDH [3, 13, 25]....
[...]