Attacks Only Get Better: Password Recovery Attacks Against RC4 in TLS
暂无分享,去创建一个
[1] Tim Dierks,et al. The Transport Layer Security (TLS) Protocol Version 1.2 , 2008 .
[2] Joseph Bonneau,et al. The Science of Guessing: Analyzing an Anonymized Corpus of 70 Million Passwords , 2012, 2012 IEEE Symposium on Security and Privacy.
[3] Goutam Paul,et al. RC4: (Non-)Random Words from (Non-)Random Permutations , 2011, IACR Cryptology ePrint Archive.
[4] Joseph Bonneau,et al. The Password Thicket: Technical and Market Failures in Human Authentication on the Web , 2010, WEIS.
[5] Itsik Mantin,et al. Predicting and Distinguishing Attacks on RC4 Keystream Generator , 2005, EUROCRYPT.
[6] John G. Myers. IMAP4 Authentication Mechanisms , 1994, RFC.
[7] Sudhir Aggarwal,et al. Testing metrics for password creation policies by attacking large sets of revealed passwords , 2010, CCS '10.
[8] Roy T. Fielding,et al. Hypertext Transfer Protocol - HTTP/1.0 , 1996, RFC.
[9] Eric Rescorla,et al. The Transport Layer Security (TLS) Protocol Version 1.2 , 2008, RFC.
[10] Christopher Allen,et al. The TLS Protocol Version 1.0 , 1999, RFC.
[11] Kenneth G. Paterson,et al. On the Security of RC4 in TLS , 2013, USENIX Security Symposium.
[12] Masakatu Morii,et al. How to Recover Any Byte of Plaintext on RC4 , 2013, Selected Areas in Cryptography.
[13] M. Angela Sasse,et al. Users are not the enemy , 1999, CACM.
[14] Adi Shamir,et al. A Practical Attack on Broadcast RC4 , 2001, FSE.
[15] Cormac Herley,et al. A large-scale study of web password habits , 2007, WWW '07.
[16] Lawrence C. Stewart,et al. HTTP Authentication: Basic and Digest Access Authentication , 1999 .
[17] Goutam Paul,et al. Proving TLS-attack related open biases of RC4 , 2015, IACR Cryptol. ePrint Arch..
[18] Masakatu Morii,et al. Full Plaintext Recovery Attack on Broadcast RC4 , 2013, FSE.
[19] J. Yan,et al. Password memorability and security: empirical results , 2004, IEEE Security & Privacy Magazine.
[20] Hao Zhou,et al. Transport Layer Security (TLS) Session Resumption without Server-Side State , 2008, RFC.
[21] Arnt Gulbrandsen,et al. IMAP Extension for Simple Authentication and Security Layer (SASL) Initial Client Response , 2007, RFC.
[22] Barry Leiba. IMAP4 IDLE command , 1997, RFC.
[23] Scott R. Fluhrer,et al. Statistical Analysis of the Alleged RC4 Keystream Generator , 2000, FSE.
[24] Moshe Zviran,et al. Password Security: An Empirical Study , 1999, J. Manag. Inf. Syst..
[25] Goutam Paul,et al. (Non-)Random Sequences from (Non-)Random Permutations—Analysis of RC4 Stream Cipher , 2012, Journal of Cryptology.
[26] Mark R. Crispin. Internet Message Access Protocol - Version 4rev1 , 1996, RFC.
[27] Eric Rescorla,et al. The Transport Layer Security (TLS) Protocol Version 1.1 , 2006, RFC.