Electrical Engineering and Computer Science SSL INT : A Tool for Detecting TLS Certificate Validation Vulnerabilities April 2016

@inproceedings{He2016ElectricalEA,
  title={Electrical Engineering and Computer Science SSL INT : A Tool for Detecting TLS Certificate Validation Vulnerabilities April 2016},
  author={Boyuan He and Vaibhav Rastogi and Yinzhi Cao and Yan Chen and V. N. Venkatakrishnan and Chun-lin Xiong and Runqing Yang and Zhenrui Zhang},
  year={2016}
}
Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols have become the security backbone of the Web and Internet today. Many systems including mobile and desktop applications are protected by SSL/TLS protocols against network attacks. However, many vulnerabilities caused by incorrect use of SSL/TLS APIs have been uncovered in recent years. Such vulnerabilities, many of which are caused due to poor API design and inexperience of application developers, often lead to confidential… CONTINUE READING

References

Publications referenced by this paper.
Showing 1-10 of 31 references

An empirical study of cryptographic misuse in android applications

ACM Conference on Computer and Communications Security • 2013
View 4 Excerpts
Highly Influenced

The most dangerous code in the world: validating SSL certificates in non-browser software

ACM Conference on Computer and Communications Security • 2012
View 6 Excerpts
Highly Influenced

Us - ing frankencerts for automated adversarial testing of certificate validation in SSL / TLS implementations . ” in Security and Privacy ( SP ) ,

B. Ray, S. Khurshid, V. Shmatikov
Security and Privacy ( SP ) , 2013 IEEE Symposium on . IEEE • 2014

Similar Papers

Loading similar papers…