Authenticated encryption in SSH: provably fixing the SSH binary packet protocol
Proceedings of the 9th ACM conference on Computer and communications security
The Order of Encryption and Authentication for Protecting Communications (or: How Secure Is SSL?)
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels
EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Security Flaws Induced by CBC Padding - Applications to SSL, IPSEC, WTLS ...
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
Authenticated Encryption: Relations among Notions and Analysis of the Generic Composition Paradigm
ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
A Concrete Security Treatment of Symmetric Encryption
FOCS '97 Proceedings of the 38th Annual Symposium on Foundations of Computer Science
Statistical Identification of Encrypted Web Browsing Traffic
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Universally Composable Security: A New Paradigm for Cryptographic Protocols
FOCS '01 Proceedings of the 42nd IEEE symposium on Foundations of Computer Science
Inferring the source of encrypted HTTP connections
Proceedings of the 13th ACM conference on Computer and communications security
On Inferring Application Protocol Behaviors in Encrypted Network Traffic
The Journal of Machine Learning Research
Reconciling Two Views of Cryptography (The Computational Soundness of Formal Encryption)
Journal of Cryptology
Spot Me if You Can: Uncovering Spoken Phrases in Encrypted VoIP Conversations
SP '08 Proceedings of the 2008 IEEE Symposium on Security and Privacy
On the soundness of authenticate-then-encrypt: formalizing the malleability of symmetric encryption
Proceedings of the 17th ACM conference on Computer and communications security
Uncovering Spoken Phrases in Encrypted Voice over IP Conversations
ACM Transactions on Information and System Security (TISSEC)
Phonotactic Reconstruction of Encrypted VoIP Conversations: Hookt on Fon-iks
SP '11 Proceedings of the 2011 IEEE Symposium on Security and Privacy
A provable-security treatment of the key-wrap problem
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
The security of triple encryption and a framework for code-based game-playing proofs
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Confidentiality and integrity: a constructive perspective
TCC'12 Proceedings of the 9th international conference on Theory of Cryptography
Security of symmetric encryption in the presence of ciphertext fragmentation
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
The low-call diet: authenticated encryption for call counting HSM users
CT-RSA'13 Proceedings of the 13th international conference on Topics in Cryptology
Who do you sync you are?: smartphone fingerprinting via application behaviour
Proceedings of the sixth ACM conference on Security and privacy in wireless and mobile networks
On the security of TLS renegotiation
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
An analysis of the EMV channel establishment protocol
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
| Hi-index | 0.00 |
We analyze the security of the TLS Record Protocol, a MAC-then-Encode-then-Encrypt (MEE) scheme whose design targets confidentiality and integrity for application layer communications on the Internet. Our main results are twofold. First, we give a new distinguishing attack against TLS when variable length padding and short (truncated) MACs are used. This combination will arise when standardized TLS 1.2 extensions (RFC 6066) are implemented. Second, we show that when tags are longer, the TLS Record Protocol meets a new length-hiding authenticated encryption security notion that is stronger than IND-CCA.