Downgrade Resilience in Key-Exchange Protocols

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!

Grab it

Explore downgrade resilience in key-exchange protocols through this 20-minute IEEE conference talk presented at the 2016 IEEE Symposium on Security & Privacy. Delve into the challenges of configurable protocols like TLS, SSH, IPsec, and ZRTP, and learn how to support configurability while ensuring the negotiation of preferred modes. Examine the causes of downgrade attacks, survey existing standards' downgrade resilience, and understand the concept of downgrade security. Discover design patterns that guarantee downgrade security and how they can be applied to strengthen existing protocols, including the draft of TLS 1.3. Gain insights into transcript authentication, downgrade-secure configurations, and protocol execution models for analyzing complex real-world protocols.

Syllabus

Intro
Downgrade as an everyday phenomen
Negotiation
Transcript authentication vs. Downgrades
Downgrade secure configurations
Protocol execution model
Reducing complex real-world protocol analysis
Downgrade security of TLS 1.3
Downgrade Resilience in key Exchange

Taught by

IEEE Symposium on Security and Privacy

Reviews

Start your review of Downgrade Resilience in Key-Exchange Protocols

Taught by

Tags

Protecting TLS from Legacy Crypto

Key Confirmation in Key Exchange - A Formal Treatment and Implications for TLS 1.3

A Unilateral-to-Mutual Authentication Compiler for Key Exchange - with Applications to Client Authentication in TLS 1.3

Everything Related to Transport Layer Security - TLS

10 Best Negotiation Courses for 2024: Finding Common Ground

Never Stop Learning.