Overview
Explore a formal analysis of accountable proxying over TLS in this 21-minute IEEE conference talk presented at the 2018 IEEE Symposium on Security & Privacy. Delve into the vulnerabilities of active proxies modifying channel-securing protocols like TLS, and examine the lack of accountability in middlebox operations. Learn about the mcTLS protocol's pioneering approach to proxy accountability and its security flaws. Discover a new formalization for accountable proxying over secure channels and a provably-secure alternative to mcTLS. Gain insights into a generic, modular protocol design that composes secure channel-establishment protocols, and examine a proof-of-concept implementation using unmodified TLS 1.3.
Syllabus
A Formal Treatment of Accountable Proxying over TLS
Taught by
IEEE Symposium on Security and Privacy