Domain Validation++ For MitM-Resilient PKI
暂无分享,去创建一个
[1] Daniel Massey,et al. Deploying Cryptography in Internet-Scale Systems: A Case Study on DNSSEC , 2011, IEEE Transactions on Dependable and Secure Computing.
[2] Adrian Perrig,et al. Perspectives: Improving SSH-style Host Authentication with Multi-Path Probing , 2008, USENIX Annual Technical Conference.
[3] Amir Herzberg,et al. Fragmentation Considered Poisonous, or: One-domain-to-rule-them-all.org , 2013, 2013 IEEE Conference on Communications and Network Security (CNS).
[4] Mark Allman,et al. On measuring the client-side DNS infrastructure , 2013, Internet Measurement Conference.
[5] Ben Laurie. Certificate Transparency , 2014, ACM Queue.
[6] Mark Ryan,et al. DTKI: a new formalized PKI with no trusted parties , 2014, IACR Cryptol. ePrint Arch..
[7] Daniel Anderson,et al. Splinternet Behind the Great Firewall of China , 2012 .
[8] Amir Herzberg,et al. Security of Patched DNS , 2012, ESORICS.
[9] Haya Shulman,et al. Path MTU Discovery Considered Harmful , 2018, 2018 IEEE 38th International Conference on Distributed Computing Systems (ICDCS).
[10] Haya Shulman,et al. Counting in the Dark: DNS Caches Discovery and Enumeration in the Internet , 2017, 2017 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN).
[11] Ralf Sasse,et al. Design, Analysis, and Implementation of ARPKI: An Attack-Resilient Public-Key Infrastructure , 2016, IEEE Transactions on Dependable and Secure Computing.
[12] Sharon Goldberg,et al. Let the market drive deployment: a strategy for transitioning to BGP security , 2011 .
[13] Jeffrey Knockel,et al. Counting Packets Sent Between Arbitrary Internet Hosts , 2014, FOCI.
[14] Haya Shulman,et al. One Key to Sign Them All Considered Vulnerable: Evaluation of DNSSEC in the Internet , 2017, NSDI.
[15] Eric Wustrow,et al. ZMap: Fast Internet-wide Scanning and Its Security Applications , 2013, USENIX Security Symposium.
[16] Haya Shulman,et al. Towards Security of Internet Naming Infrastructure , 2015, ESORICS.
[17] Sharon Goldberg,et al. Modeling on quicksand: dealing with the scarcity of ground truth in interdomain routing data , 2012, CCRV.
[18] Paul Francis,et al. A study of prefix hijacking and interception in the internet , 2007, SIGCOMM 2007.
[19] Christof Paar,et al. DROWN: Breaking TLS Using SSLv2 , 2016, USENIX Security Symposium.
[20] Angelos Stavrou,et al. End-Users Get Maneuvered: Empirical Analysis of Redirection Hijacking in Content Delivery Networks , 2018, USENIX Security Symposium.
[21] Margaret Hu. Taxonomy of the Snowden Disclosures , 2015 .
[22] Amir Herzberg,et al. Fragmentation Considered Vulnerable , 2013, TSEC.
[23] Haya Shulman,et al. DNSSEC Misconfigurations in Popular Domains , 2016, CANS.
[24] Haya Shulman,et al. Internet-wide study of DNS cache injections , 2017, IEEE INFOCOM 2017 - IEEE Conference on Computer Communications.
[25] Robin Sommer,et al. Extracting Certificates from Live Traffic : A Near Real Time SSL Notary Service , 2012 .
[26] Vitaly Shmatikov,et al. The Hitchhiker's Guide to DNS Cache Poisoning , 2010, SecureComm.
[27] Adrian Perrig,et al. PoliCert: Secure and Flexible TLS Certificate Management , 2014, CCS.
[28] Georg Carle,et al. The SSL landscape: a thorough analysis of the x.509 PKI using active and passive measurements , 2011, IMC '11.
[29] Moti Yung,et al. Perfectly secure message transmission , 1990, Proceedings [1990] 31st Annual Symposium on Foundations of Computer Science.
[30] Elaine B. Barker,et al. SP 800-131A. Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths , 2011 .
[31] Haya Shulman,et al. Fragmentation Considered Leaking: Port Inference for DNS Poisoning , 2014, ACNS.
[32] Amir Herzberg,et al. Socket overloading for fun and cache-poisoning , 2013, ACSAC.
[33] Amir Herzberg,et al. Vulnerable Delegation of DNS Resolution , 2013, ESORICS.
[34] Eric Wustrow,et al. Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices , 2012, USENIX Security Symposium.
[35] Kenneth G. Paterson,et al. Lucky Thirteen: Breaking the TLS and DTLS Record Protocols , 2013, 2013 IEEE Symposium on Security and Privacy.
[36] Bruce M. Maggs,et al. A Longitudinal, End-to-End View of the DNSSEC Ecosystem , 2017, USENIX Security Symposium.
[37] Vinod Yegneswaran,et al. An empirical reexamination of global DNS behavior , 2013, SIGCOMM.
[38] Martín Abadi,et al. Global Authentication in an Untrustworthy World , 2013, HotOS.
[39] Collin Jackson,et al. Accountable key infrastructure (AKI): a proposal for a public-key validation infrastructure , 2013, WWW.
[40] Elaine B. Barker,et al. Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths , 2011 .