University of Birmingham > Talks@bham > Computer Security Seminars > How (not) to use TLS between 3 parties

  Browse A-Z

Log in

System Admin (disabled)details Birmingham usersdetails No account?details

Information on

Subscribing to talksdetails Finding a talkdetails Adding a talkdetails Disseminating talksdetails Help and Documentationdetails

How (not) to use TLS between 3 parties

Add to your list(s) Download to your calendar using vCal

If you have a question about this talk, please contact Dr Garfield Benjamin.

In this talk, we will explore the case of TLS between a client and a server, being mediated in particular way by a middle-man embodied by a CDN , i.e., a content delivery network. We specifically discuss the case of the so-called “Keyless SSL ”, where the server retains its private key and the mediating CDN uses the server as an oracle during the TLS handshake. We disclose vulnerabilities on this design and discuss repairs. Throughout, we emphasise on what we believe to be the (old and reinforced, as well as the new) security requirements and model needed when lifting TLS from the classical 2-party setting to the 3-party setting.

This talk is part of the Computer Security Seminars series.

Tell a friend about this talk:

This talk is included in these lists:

Note that ex-directory lists are not shown.

Other lists

Midlands Logic Seminar Computer Security Seminars Computer Science Distinguished Seminars

Other talks

Provably Convergent Plug-and-Play Quasi-Newton Methods for Imaging Inverse Problems TBC Quantum simulations using ultra cold ytterbium Sylow branching coefficients for symmetric groups Test talk Extending the Lax type operator for finite W-algebras
 

Talks@bham, University of Birmingham. Contact Us | Help and Documentation | Privacy and Publicity.
talks@bham is based on talks.cam from the University of Cambridge.