Security enhancements to TLS for improved national control

Lamya Alqaydi; Chan Yeob Yeun; Ernesto Damiani

doi:10.23919/ICITST.2017.8356398

Security enhancements to TLS for improved national control

Electrical Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

3 Scopus citations

Abstract

Establishing a secure connection is a must nowadays since a lot of transactions are being done online. For instance, it can vary from buying items from small shops into buying extremely expensive equipment online. Hence, the need for securing the sessions and e-commerce is highly required. Furthermore, any government entity will require its communication to be secured from eavesdropping and Man in The Middle (MITM) attacks. Web Threats are spreading around the world and becoming more aggressive every year. Secure Socket Layer (SSL) and Transport Layer Security (TLS) were established as a standard to encrypt the communication between the client and the server. Everyday new vulnerabilities and loopholes in the internet protocols are being discovered. Hence an enhancement to the TLS protocol is a must. This need rises since most transactions and confidential communication is done through the network. Then information security researchers and developers have to test, develop, verify and enhance the security of the network. Throughout this report a study of the TLS protocol will be highlighted and its relative security. Later, a proposed method to test different TLS protocols will be explained. Future work will include developing a prototype that will be used to test different TLS protocol versions.

Original language	British English
Title of host publication	2017 12th International Conference for Internet Technology and Secured Transactions, ICITST 2017
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	274-279
Number of pages	6
ISBN (Electronic)	9781908320933
DOIs	https://doi.org/10.23919/ICITST.2017.8356398
State	Published - 8 May 2018
Event	12th International Conference for Internet Technology and Secured Transactions, ICITST 2017 - Cambridge, United Kingdom Duration: 11 Dec 2017 → 14 Dec 2017

Publication series

Name	2017 12th International Conference for Internet Technology and Secured Transactions, ICITST 2017

Conference

Conference	12th International Conference for Internet Technology and Secured Transactions, ICITST 2017
Country/Territory	United Kingdom
City	Cambridge
Period	11/12/17 → 14/12/17

Keywords

BEAST attack
CRIME and BREACH attack
Heartbleed Attack
Privacy
Renegotiaition attack
Security
SSL
TLS
TLS Handshake

Access to Document

10.23919/ICITST.2017.8356398

OpenUrl availability

Full text

Cite this

Alqaydi, L., Yeun, C. Y., & Damiani, E. (2018). Security enhancements to TLS for improved national control. In 2017 12th International Conference for Internet Technology and Secured Transactions, ICITST 2017 (pp. 274-279). (2017 12th International Conference for Internet Technology and Secured Transactions, ICITST 2017). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.23919/ICITST.2017.8356398

Alqaydi, Lamya ; Yeun, Chan Yeob ; Damiani, Ernesto. / Security enhancements to TLS for improved national control. 2017 12th International Conference for Internet Technology and Secured Transactions, ICITST 2017. Institute of Electrical and Electronics Engineers Inc., 2018. pp. 274-279 (2017 12th International Conference for Internet Technology and Secured Transactions, ICITST 2017).

@inproceedings{7575e0e9eb2949a387b3a68b8380a3bd,

title = "Security enhancements to TLS for improved national control",

abstract = "Establishing a secure connection is a must nowadays since a lot of transactions are being done online. For instance, it can vary from buying items from small shops into buying extremely expensive equipment online. Hence, the need for securing the sessions and e-commerce is highly required. Furthermore, any government entity will require its communication to be secured from eavesdropping and Man in The Middle (MITM) attacks. Web Threats are spreading around the world and becoming more aggressive every year. Secure Socket Layer (SSL) and Transport Layer Security (TLS) were established as a standard to encrypt the communication between the client and the server. Everyday new vulnerabilities and loopholes in the internet protocols are being discovered. Hence an enhancement to the TLS protocol is a must. This need rises since most transactions and confidential communication is done through the network. Then information security researchers and developers have to test, develop, verify and enhance the security of the network. Throughout this report a study of the TLS protocol will be highlighted and its relative security. Later, a proposed method to test different TLS protocols will be explained. Future work will include developing a prototype that will be used to test different TLS protocol versions.",

keywords = "BEAST attack, CRIME and BREACH attack, Heartbleed Attack, Privacy, Renegotiaition attack, Security, SSL, TLS, TLS Handshake",

author = "Lamya Alqaydi and Yeun, \{Chan Yeob\} and Ernesto Damiani",

note = "Publisher Copyright: {\textcopyright} 2017 Infonomics Society.; 12th International Conference for Internet Technology and Secured Transactions, ICITST 2017 ; Conference date: 11-12-2017 Through 14-12-2017",

year = "2018",

month = may,

day = "8",

doi = "10.23919/ICITST.2017.8356398",

language = "British English",

series = "2017 12th International Conference for Internet Technology and Secured Transactions, ICITST 2017",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "274--279",

booktitle = "2017 12th International Conference for Internet Technology and Secured Transactions, ICITST 2017",

address = "United States",

}

Alqaydi, L, Yeun, CY & Damiani, E 2018, Security enhancements to TLS for improved national control. in 2017 12th International Conference for Internet Technology and Secured Transactions, ICITST 2017. 2017 12th International Conference for Internet Technology and Secured Transactions, ICITST 2017, Institute of Electrical and Electronics Engineers Inc., pp. 274-279, 12th International Conference for Internet Technology and Secured Transactions, ICITST 2017, Cambridge, United Kingdom, 11/12/17. https://doi.org/10.23919/ICITST.2017.8356398

Security enhancements to TLS for improved national control. / Alqaydi, Lamya; Yeun, Chan Yeob ; Damiani, Ernesto.
2017 12th International Conference for Internet Technology and Secured Transactions, ICITST 2017. Institute of Electrical and Electronics Engineers Inc., 2018. p. 274-279 (2017 12th International Conference for Internet Technology and Secured Transactions, ICITST 2017).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Security enhancements to TLS for improved national control

AU - Alqaydi, Lamya

AU - Yeun, Chan Yeob

AU - Damiani, Ernesto

PY - 2018/5/8

Y1 - 2018/5/8

N2 - Establishing a secure connection is a must nowadays since a lot of transactions are being done online. For instance, it can vary from buying items from small shops into buying extremely expensive equipment online. Hence, the need for securing the sessions and e-commerce is highly required. Furthermore, any government entity will require its communication to be secured from eavesdropping and Man in The Middle (MITM) attacks. Web Threats are spreading around the world and becoming more aggressive every year. Secure Socket Layer (SSL) and Transport Layer Security (TLS) were established as a standard to encrypt the communication between the client and the server. Everyday new vulnerabilities and loopholes in the internet protocols are being discovered. Hence an enhancement to the TLS protocol is a must. This need rises since most transactions and confidential communication is done through the network. Then information security researchers and developers have to test, develop, verify and enhance the security of the network. Throughout this report a study of the TLS protocol will be highlighted and its relative security. Later, a proposed method to test different TLS protocols will be explained. Future work will include developing a prototype that will be used to test different TLS protocol versions.

AB - Establishing a secure connection is a must nowadays since a lot of transactions are being done online. For instance, it can vary from buying items from small shops into buying extremely expensive equipment online. Hence, the need for securing the sessions and e-commerce is highly required. Furthermore, any government entity will require its communication to be secured from eavesdropping and Man in The Middle (MITM) attacks. Web Threats are spreading around the world and becoming more aggressive every year. Secure Socket Layer (SSL) and Transport Layer Security (TLS) were established as a standard to encrypt the communication between the client and the server. Everyday new vulnerabilities and loopholes in the internet protocols are being discovered. Hence an enhancement to the TLS protocol is a must. This need rises since most transactions and confidential communication is done through the network. Then information security researchers and developers have to test, develop, verify and enhance the security of the network. Throughout this report a study of the TLS protocol will be highlighted and its relative security. Later, a proposed method to test different TLS protocols will be explained. Future work will include developing a prototype that will be used to test different TLS protocol versions.

KW - BEAST attack

KW - CRIME and BREACH attack

KW - Heartbleed Attack

KW - Privacy

KW - Renegotiaition attack

KW - Security

KW - SSL

KW - TLS

KW - TLS Handshake

UR - https://www.scopus.com/pages/publications/85048053253

U2 - 10.23919/ICITST.2017.8356398

DO - 10.23919/ICITST.2017.8356398

M3 - Conference contribution

AN - SCOPUS:85048053253

T3 - 2017 12th International Conference for Internet Technology and Secured Transactions, ICITST 2017

SP - 274

EP - 279

BT - 2017 12th International Conference for Internet Technology and Secured Transactions, ICITST 2017

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 12th International Conference for Internet Technology and Secured Transactions, ICITST 2017

Y2 - 11 December 2017 through 14 December 2017

ER -

Alqaydi L, Yeun CY , Damiani E. Security enhancements to TLS for improved national control. In 2017 12th International Conference for Internet Technology and Secured Transactions, ICITST 2017. Institute of Electrical and Electronics Engineers Inc. 2018. p. 274-279. (2017 12th International Conference for Internet Technology and Secured Transactions, ICITST 2017). doi: 10.23919/ICITST.2017.8356398

Security enhancements to TLS for improved national control

Abstract

Publication series

Conference

Keywords

Access to Document

OpenUrl availability

Other files and links

Fingerprint

Cite this