Key Vulnerabilities in SSL & TLS That Needs To Be Mitigated

被引：0

作者：

Alhazmi, Shatha Abdulah E. ^{[1
]}

Elleithy, Khaled ^{[1
]}

机构：

[1] Univ Bridgeport, Dept Comp Sci & Engn, Bridgeport, CT 06604 USA

来源：

2023 IEEE LONG ISLAND SYSTEMS, APPLICATIONS AND TECHNOLOGY CONFERENCE, LISAT | 2023年

关键词：

SSL; TLS; RC4; cryptographic; Security Protocol;

D O I：

10.1109/LISAT58403.2023.10179546

中图分类号：

TP39 [计算机的应用];

学科分类号：

081203 ; 0835 ;

摘要：

The cryptographic security protocols are designed to ensure that the information transmission that is taking place between two entities is secured and is not impacted while interaction occurs among them. Security protocols are a set of rules that are formulated to ensure that the intruder or third party is not able to access the information that is transmitted. In this context, one of the algorithms that could be used is the RC4 algorithm. There are many discussions about the RC4 algorithm, but as of now is only theoretically dominant. It is a fact that the theory alone cannot complete the RCA algorithm process in a detailed manner. The applications reveal the input and do not produce any output of the processes involved. This research paper will illustrate the vulnerability and possible solutions to avoid the RC4 Algorithm attack.

引用

页数：4

共 50 条

[41] Stealing secrets with SSL/TLS and SSH -: Kleptographic attacks
Golobiewski, Zbigniew
Kutylowski, Miroslaw
Zagorski, Filip
[J]. CRYPTOLOGY AND NETWORK SECURITY, PROCEEDINGS, 2006, 4301 : 191 - +
[42] A comprehensive study on security attacks on SSL/TLS Protocol
Sirohi, Preeti
Agarwal, Amit
Tyagi, Sapna
[J]. PROCEEDINGS ON 2016 2ND INTERNATIONAL CONFERENCE ON NEXT GENERATION COMPUTING TECHNOLOGIES (NGCT), 2016, : 893 - 897
[43] A technique to circumvent SSL/TLS validations on iOS devices
D'Orazio, Christian J.
Choo, Kim-Kwang Raymond
[J]. FUTURE GENERATION COMPUTER SYSTEMS-THE INTERNATIONAL JOURNAL OF ESCIENCE, 2017, 74 : 366 - 374
[44] On the robustness of applications based on the SSL and TLS security Protocols
Berbecaru, Diana
Lioy, Antonio
[J]. PUBLIC KEY INFRASTRUCTURE, PROCEEDINGS, 2007, 4582 : 248 - +
[45] Investigation of the Applicability of SSL/TLS Protocol for VPN in APCS
Rybin, Dmitry
Piliugina, Karina
Piliugin, Pavel
[J]. PROCEEDINGS OF THE 2018 IEEE CONFERENCE OF RUSSIAN YOUNG RESEARCHERS IN ELECTRICAL AND ELECTRONIC ENGINEERING (EICONRUS), 2018, : 1318 - 1321
[46] Web网站SSL/TLS协议配置安全研究
胡仁林
张立武
[J]. 计算机系统应用, 2017, 26 (10) : 124 - 132
[47] Analysis and Comparison of Several algorithms in SSL/TLS Handshake Protocol
Luo Qing
Lin Yaping
[J]. ITCS: 2009 INTERNATIONAL CONFERENCE ON INFORMATION TECHNOLOGY AND COMPUTER SCIENCE, PROCEEDINGS, VOL 2, PROCEEDINGS, 2009, : 613 - +
[48] A Hybrid Method for Service Identification of SSL/TLS Encrypted Traffic
Ding, Rusheng
Li, Wenmin
[J]. 2016 2ND IEEE INTERNATIONAL CONFERENCE ON COMPUTER AND COMMUNICATIONS (ICCC), 2016, : 250 - 253
[49] Towards Best Secure Coding Practice for Implementing SSL/TLS
Alhanahnah, Mohannad
Yan, Qiben
[J]. IEEE INFOCOM 2018 - IEEE CONFERENCE ON COMPUTER COMMUNICATIONS WORKSHOPS (INFOCOM WKSHPS), 2018, : 1 - 6
[50] Guided Differential Testing of Certificate Validation in SSL/TLS Implementations
Chen, Yuting
Su, Zhendong
[J]. 2015 10TH JOINT MEETING OF THE EUROPEAN SOFTWARE ENGINEERING CONFERENCE AND THE ACM SIGSOFT SYMPOSIUM ON THE FOUNDATIONS OF SOFTWARE ENGINEERING (ESEC/FSE 2015) PROCEEDINGS, 2015, : 793 - 804

← 1 2 3 4 5 →