As we saw in the previous paper i.e. "A survey of BGP security issues and solutions", several high profile routing failures have highlighted vulnerabilities in BGP (Border Gateway Protocol), internet's main interdomain routing protocol. To overcome this challenge, the authentication using RPKI is gaining momentum among the network operators. There is a push to standardize … Continue reading Paper Review: BGP Security in Partial Deployment
Paper Review: A Survey of BGP Security Issues and Solutions
In this paper, the authors perform a survey on the existing Border Gateway Protocol (BGP), the issues related to them and their solutions. BGP is the glue that holds the internet together. However, it is quite highly vulnerable and it does not address the security issues adequately. The authors review the proposed improvements in BGP. … Continue reading Paper Review: A Survey of BGP Security Issues and Solutions
Paper Review: Bohatei: Flexible and Elastic DDoS Defense
In this paper, the authors present Bohatei, a flexible and elastic DDoS defense system. They have made use of new networking paradigms like Software Defined Networking (SDN) and Network Function Virtualization (NFV) to develop this system. The need to develop such a system needed for multiple reasons. DDoS attacks impose huge attacks on victims. The … Continue reading Paper Review: Bohatei: Flexible and Elastic DDoS Defense
Paper Review: MD5 To Be Considered Harmful Someday
In this paper, the authors argue that MD5 will be considered harmful at some point in the future. Joux and Wang’s multicollision attack has yielded collisions for several one-way hash algorithms. Of all these one-way hash algorithms, MD5 is most problematic as it is most widely used and heavily deployed. There is a belief that the … Continue reading Paper Review: MD5 To Be Considered Harmful Someday
Paper Review: DROWN: Breaking TLS using SSLv2
In this paper, the authors present DROWN, which is a novel cross-protocol attack on TLS that uses server supporting SSLv2 as a means to decrypt modern TLS connection. They have developed two versions of the attack. In the first version, they exploit multiple unnoticed protocol flaws in SSLv2 to develop a new and stronger variant … Continue reading Paper Review: DROWN: Breaking TLS using SSLv2
Paper Review: Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice
In this paper, the authors review the security of the Diffie-Hellman key exchange which is used in popular internet protocols. The results show that it is less secure than widely believed. The authors start by presenting Logjam, which is a flaw in TLS that lets a man in the middle downgrade connections to "export-grade" Diffie … Continue reading Paper Review: Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice
Paper Review: SoK: SSL and HTTPS: Revisiting past challenges and evaluating certificate trust model enhancements
This is an interesting paper which raises some excellent questions regarding the adoption of HTTPS and security issues related to it. Although HTTPS is considered secure, various attacks on HTTPS and its certificate model have been hypothesized and executed. As we are migrating more and more towards HTTPS, the number of browser-trusted certificate authorities are … Continue reading Paper Review: SoK: SSL and HTTPS: Revisiting past challenges and evaluating certificate trust model enhancements
Paper Review: Measuring HTTPS Adoption on the Web
Since the inception of the internet, web traffic was unencrypted for the most part, but this has been changing over the last few years. This paper majorly discusses two questions. First, are the community effort to migrate from HTTP to HTTPS are paying off? Which areas do we need to work more? Second, how far … Continue reading Paper Review: Measuring HTTPS Adoption on the Web
Paper Review: The Matter of Heartbleed
In this paper, the authors talk about Heartbleed, a critical security bug in OpenSSL, an open source implementation of SSL. The heartbleed vulnerability was disclosed in April 2014. It is a vulnerability in TLS Heartbeat extension. The heartbeat extension is used to check whether the server we are communicating to is still up. To do … Continue reading Paper Review: The Matter of Heartbleed
Paper Review: Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices
There have been a lot of security-related incidents due to poor random number generation. Keeping that in mind, the authors collected the keys to look for specific vulnerabilities and find the root cause for them. They have used two most used cryptographic protocol for analysis i.e. TLS and SSH. The authors used NMap to collect … Continue reading Paper Review: Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices
Rishabh Jain's Corner 