Explore a 21-minute IEEE conference talk examining the multiple handshakes security of TLS 1.3 candidates. Delve into the first formal treatment of multiple handshakes protocols for next-generation TLS, presented at the 2016 IEEE Symposium on Security & Privacy. Learn about the multi-level & stage security model introduced to cover compositional interactions between different TLS handshake modes. Discover how the research proves that TLS 1.3 draft handshake candidates meet strong multiple handshakes security notions, confirming the soundness of TLS 1.3 security protection design. Gain insights into the analysis of compositional design with different session modes and their multiple session dependencies. Understand the identification of the triple handshake attack on TLS 1.2 within the presented security model, and examine the effectiveness of proposed fixes in RFC 7627 for protecting against multiple handshakes attacks in TLS 1.2.
Overview
Syllabus
Multiple Handshakes Security of TLS 1.3 Candidates
Taught by
IEEE Symposium on Security and Privacy
Tags
Related Courses
-
Automated Analysis and Verification of TLS 1.3 - 0-RTT, Resumption and Delayed Authentication
-
TLS 1.3 Handshake - Major Changes from Prior Versions
-
Implementing and Proving the TLS 1.3 Record Layer
-
What's New in TLS 1.3
-
Transport Layer Security - TLS 1.2 and 1.3 Explained by Example
-
Verified Models and Reference Implementations for the TLS 1.3 Standard Candidate
