{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,25]],"date-time":"2026-01-25T00:07:23Z","timestamp":1769299643713,"version":"3.49.0"},"publisher-location":"Cham","reference-count":48,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030299583","type":"print"},{"value":"9783030299590","type":"electronic"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-29959-0_20","type":"book-chapter","created":{"date-parts":[[2019,9,14]],"date-time":"2019-09-14T23:04:10Z","timestamp":1568502250000},"page":"404-426","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":15,"title":["Secure Communication Channel Establishment: TLS 1.3 (over TCP Fast Open) vs. QUIC"],"prefix":"10.1007","author":[{"given":"Shan","family":"Chen","sequence":"first","affiliation":[]},{"given":"Samuel","family":"Jero","sequence":"additional","affiliation":[]},{"given":"Matthew","family":"Jagielski","sequence":"additional","affiliation":[]},{"given":"Alexandra","family":"Boldyreva","sequence":"additional","affiliation":[]},{"given":"Cristina","family":"Nita-Rotaru","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2019,9,15]]},"reference":[{"key":"20_CR1","unstructured":"HTTPS encryption on the web - Google transparency report (2018). https:\/\/transparencyreport.google.com\/https\/overview"},{"key":"20_CR2","series-title":"IFIP Advances in Information and Communication Technology","doi-asserted-by":"publisher","first-page":"29","DOI":"10.1007\/978-3-642-21424-0_3","volume-title":"Future Challenges in Security and Privacy for Academia and Industry","author":"R Abramov","year":"2011","unstructured":"Abramov, R., Herzberg, A.: TCP ack storm DoS attacks. In: Camenisch, J., Fischer-H\u00fcbner, S., Murayama, Y., Portmann, A., Rieder, C. (eds.) SEC 2011. IAICT, vol. 354, pp. 29\u201340. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-21424-0_3"},{"key":"20_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"232","DOI":"10.1007\/3-540-48329-2_21","volume-title":"Advances in Cryptology \u2014 CRYPTO\u2019 93","author":"M Bellare","year":"1994","unstructured":"Bellare, M., Rogaway, P.: Entity authentication and key distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232\u2013249. Springer, Heidelberg (1994). https:\/\/doi.org\/10.1007\/3-540-48329-2_21"},{"key":"20_CR4","doi-asserted-by":"crossref","unstructured":"Bhargavan, K., Blanchet, B., Kobeissi, N.: Verified models and reference implementations for the TLS 1.3 standard candidate. In: Security and Privacy (SP), pp. 483\u2013502. IEEE (2017)","DOI":"10.1109\/SP.2017.26"},{"key":"20_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"235","DOI":"10.1007\/978-3-662-44381-1_14","volume-title":"Advances in Cryptology \u2013 CRYPTO 2014","author":"K Bhargavan","year":"2014","unstructured":"Bhargavan, K., Fournet, C., Kohlweiss, M., Pironti, A., Strub, P.-Y., Zanella-B\u00e9guelin, S.: Proving the TLS handshake secure (as it is). In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014. LNCS, vol. 8617, pp. 235\u2013255. Springer, Heidelberg (2014). https:\/\/doi.org\/10.1007\/978-3-662-44381-1_14"},{"key":"20_CR6","unstructured":"Brendel, J., Fischlin, M., G\u00fcnther, F.: Breakdown resilience of key exchange protocols and the cases of newhope and TLS 1.3. Cryptology ePrint Archive, Report 2017\/1252 (2017)"},{"key":"20_CR7","unstructured":"Cao, Y., Qian, Z., Wang, Z., Dao, T., Krishnamurthy, S.V., Marvel, L.M.: Off-path TCP exploits: global rate limit considered dangerous. In: USENIX Security Symposium (2016)"},{"key":"20_CR8","unstructured":"Centre for the Protection of National Infrastructure: Security assessment of the transmission control protocol. Technical report CPNI Technical Note 3\/2009, Centre for the Protection of National Infrastructure (2009)"},{"key":"20_CR9","doi-asserted-by":"crossref","unstructured":"Chen, S., Jero, S., Jagielski, M., Boldyreva, A., Nita-Rotaru, C.: Secure communication channel establishment: TLS 1.3 (over TCP Fast Open) vs. QUIC. Cryptology ePrint Archive, Report 2019\/433 (2019). https:\/\/eprint.iacr.org\/2019\/433","DOI":"10.1007\/978-3-030-29959-0_20"},{"key":"20_CR10","doi-asserted-by":"crossref","unstructured":"Cheng, Y., Chu, J., Radhakrishnan, S., Jain, A.: TCP Fast Open. RFC 7413 (Experimental), December 2014","DOI":"10.17487\/rfc7413"},{"key":"20_CR11","doi-asserted-by":"publisher","unstructured":"Cremers, C., Horvat, M., Scott, S., van der Merwe, T.: Automated analysis and verification of TLS 1.3: 0-RTT, resumption and delayed authentication. In: 2016 IEEE Symposium on Security and Privacy (SP), pp. 470\u2013485 (2016). https:\/\/doi.org\/10.1109\/SP.2016.35","DOI":"10.1109\/SP.2016.35"},{"key":"20_CR12","doi-asserted-by":"crossref","unstructured":"Cremers, C., Horvat, M., Hoyland, J., Scott, S., van der Merwe, T.: A comprehensive symbolic analysis of TLS 1.3. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pp. 1773\u20131788. ACM (2017)","DOI":"10.1145\/3133956.3134063"},{"key":"20_CR13","doi-asserted-by":"crossref","unstructured":"Delignat-Lavaud, A., et al.: Implementing and proving the TLS 1.3 record layer. In: 2017 IEEE Symposium on Security and Privacy, SP 2017, pp. 463\u2013482. IEEE Computer Society (2017)","DOI":"10.1109\/SP.2017.58"},{"key":"20_CR14","doi-asserted-by":"crossref","unstructured":"Dowling, B., Fischlin, M., G\u00fcnther, F., Stebila, D.: A cryptographic analysis of the TLS 1.3 handshake protocol candidates. In: ACM SIGSAC Conference on Computer and Communications Security, CCS 2015, pp. 1197\u20131210. ACM, New York (2015)","DOI":"10.1145\/2810103.2813653"},{"key":"20_CR15","unstructured":"Dowling, B., Fischlin, M., G\u00fcnther, F., Stebila, D.: A cryptographic analysis of the TLS 1.3 draft-10 full and pre-shared key handshake protocol. Cryptology ePrint Archive, Report 2016\/081 (2016). https:\/\/eprint.iacr.org\/2016\/081"},{"key":"20_CR16","unstructured":"Dowling, B.J.: Provable security of internet protocols. Ph.D. thesis, Queensland University of Technology (2017)"},{"key":"20_CR17","doi-asserted-by":"crossref","unstructured":"Fischlin, M., G\u00fcnther, F.: Multi-stage key exchange and the case of Google\u2019s QUIC protocol. In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, pp. 1193\u20131204. ACM (2014)","DOI":"10.1145\/2660267.2660308"},{"key":"20_CR18","doi-asserted-by":"crossref","unstructured":"Fischlin, M., G\u00fcnther, F.: Replay attacks on zero round-trip time: the case of the TLS 1.3 handshake candidates. In: 2017 IEEE European Symposium on Security and Privacy (EuroS&P), pp. 60\u201375. IEEE (2017)","DOI":"10.1109\/EuroSP.2017.18"},{"key":"20_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"545","DOI":"10.1007\/978-3-662-48000-7_27","volume-title":"Advances in Cryptology \u2013 CRYPTO 2015","author":"M Fischlin","year":"2015","unstructured":"Fischlin, M., G\u00fcnther, F., Marson, G.A., Paterson, K.G.: Data is a stream: security of stream-based channels. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9216, pp. 545\u2013564. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-48000-7_27"},{"key":"20_CR20","unstructured":"Gebhart, G.: Tipping the scales on HTTPS: 2017 in review, December 2017. https:\/\/www.eff.org\/deeplinks\/2017\/12\/tipping-scales-https"},{"key":"20_CR21","unstructured":"Gilad, Y., Herzberg, A.: Off-path attacking the web. In: WOOT, pp. 41\u201352 (2012)"},{"key":"20_CR22","unstructured":"IP Latency Statistics \u2014 Verizon Enterprise Solutions: Verizon Enterprise Solutions (2018). http:\/\/www.verizonenterprise.com\/about\/network\/latency\/"},{"key":"20_CR23","unstructured":"Iyengar, J., Thomson, M.: QUIC: a UDP-based multiplexed and secure transport, January 2019. https:\/\/quicwg.org\/base-drafts\/draft-ietf-quic-transport.html"},{"key":"20_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"273","DOI":"10.1007\/978-3-642-32009-5_17","volume-title":"Advances in Cryptology \u2013 CRYPTO 2012","author":"T Jager","year":"2012","unstructured":"Jager, T., Kohlar, F., Sch\u00e4ge, S., Schwenk, J.: On the security of TLS-DHE in the standard model. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 273\u2013293. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-32009-5_17"},{"key":"20_CR25","doi-asserted-by":"crossref","unstructured":"Jero, S., Lee, H., Nita-Rotaru, C.: Leveraging state information for automated attack discovery in transport protocol implementations. In: IEEE\/IFIP International Conference on Dependable Systems and Networks (2015)","DOI":"10.1109\/DSN.2015.22"},{"key":"20_CR26","doi-asserted-by":"crossref","unstructured":"Jero, S., Hoque, E., Choffnes, D., Mislove, A., Nita-Rotaru, C.: Automated attack discovery in TCP congestion control using a model-guided approach. In: Network and Distributed Systems Security Symposium (NDSS) (2018)","DOI":"10.14722\/ndss.2018.23115"},{"key":"20_CR27","unstructured":"Joncheray, L.: A simple active attack against TCP. In: USENIX Security Symposium (1995)"},{"key":"20_CR28","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"429","DOI":"10.1007\/978-3-642-40041-4_24","volume-title":"Advances in Cryptology \u2013 CRYPTO 2013","author":"H Krawczyk","year":"2013","unstructured":"Krawczyk, H., Paterson, K.G., Wee, H.: On the security of the TLS protocol: a systematic analysis. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8042, pp. 429\u2013448. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-40041-4_24"},{"key":"20_CR29","doi-asserted-by":"crossref","unstructured":"Krawczyk, H., Wee, H.: The OPTLS protocol and TLS 1.3. In: 2016 IEEE European Symposium on Security and Privacy (EuroS&P), pp. 81\u201396. IEEE (2016)","DOI":"10.1109\/EuroSP.2016.18"},{"issue":"1","key":"20_CR30","doi-asserted-by":"publisher","first-page":"46","DOI":"10.1109\/LCOMM.2009.081555","volume":"13","author":"VA Kumar","year":"2009","unstructured":"Kumar, V.A., Jayalekshmy, P.S., Patra, G.K., Thangavelu, R.P.: On remote exploitation of TCP sender for low-rate flooding denial-of-service attack. IEEE Commun. Lett. 13(1), 46\u201348 (2009)","journal-title":"IEEE Commun. Lett."},{"issue":"4","key":"20_CR31","doi-asserted-by":"publisher","first-page":"683","DOI":"10.1109\/TNET.2006.880180","volume":"14","author":"A Kuzmanovic","year":"2006","unstructured":"Kuzmanovic, A., Knightly, E.: Low-rate TCP-targeted denial of service attacks and counter strategies. IEEE\/ACM Trans. Netw. 14(4), 683\u2013696 (2006)","journal-title":"IEEE\/ACM Trans. Netw."},{"key":"20_CR32","unstructured":"Langley, A., Chang, W.: QUIC crypto (2016). https:\/\/docs.google.com\/document\/d\/1g5nIXAIkN_Y-7XJW5K45IblHd_L2f5LTaDUDwvZ5L6g\/edit"},{"key":"20_CR33","doi-asserted-by":"crossref","unstructured":"Li, X., Xu, J., Zhang, Z., Feng, D., Hu, H.: Multiple handshakes security of TLS 1.3 candidates. In: 2016 IEEE Symposium on Security and Privacy (SP), pp. 486\u2013505. IEEE (2016)","DOI":"10.1109\/SP.2016.36"},{"key":"20_CR34","unstructured":"Linden, G.: Make data useful (2006). https:\/\/sites.google.com\/site\/glinden\/Home\/StanfordDataMining.2006-11-29.ppt"},{"key":"20_CR35","doi-asserted-by":"crossref","unstructured":"Lychev, R., Jero, S., Boldyreva, A., Nita-Rotaru, C.: How secure and quick is QUIC? Provable security and performance analyses. In: 2015 IEEE Symposium on Security and Privacy (SP), pp. 214\u2013231. IEEE (2015)","DOI":"10.1109\/SP.2015.21"},{"key":"20_CR36","unstructured":"Morris, R.: A weakness in the 4.2 BSD unix TCP\/IP software. Technical report, AT&T Bell Leboratories (1985)"},{"key":"20_CR37","doi-asserted-by":"crossref","unstructured":"Patton, C., Shrimpton, T.: Partially specified channels: the TLS 1.3 record layer without elision. In: ACM SIGSAC Conference on Computer and Communications Security. ACM (2018)","DOI":"10.1145\/3243734.3243789"},{"key":"20_CR38","doi-asserted-by":"crossref","unstructured":"Postel, J.: User datagram protocol. RFC 768 (Standard) (1980)","DOI":"10.17487\/rfc0768"},{"key":"20_CR39","doi-asserted-by":"crossref","unstructured":"Postel, J.: Transmission control protocol. RFC 793 (Standard) (1981)","DOI":"10.17487\/rfc0793"},{"key":"20_CR40","doi-asserted-by":"crossref","unstructured":"Qian, Z., Mao, Z.M.: Off-path TCP sequence number inference attack - how firewall middleboxes reduce security. In: IEEE Symposium on Security and Privacy, pp. 347\u2013361 (2012)","DOI":"10.1109\/SP.2012.29"},{"key":"20_CR41","doi-asserted-by":"crossref","unstructured":"Qian, Z., Mao, Z.M., Xie, Y.: Collaborative TCP sequence number inference attack: how to crack sequence number under a second. In: ACM Conference on Computer and Communications Security (2012)","DOI":"10.1145\/2382196.2382258"},{"key":"20_CR42","doi-asserted-by":"crossref","unstructured":"Radhakrishnan, S., Cheng, Y., Chu, J., Jain, A., Raghavan, B.: TCP fast open. In: Proceedings of the Seventh COnference on emerging Networking EXperiments and Technologies, p. 21. ACM (2011)","DOI":"10.1145\/2079296.2079317"},{"key":"20_CR43","doi-asserted-by":"crossref","unstructured":"Rescorla, E.: The Transport Layer Security (TLS) Protocol Version 1.3. RFC 8446, August 2018","DOI":"10.17487\/RFC8446"},{"key":"20_CR44","doi-asserted-by":"crossref","unstructured":"Rogaway, P.: Authenticated-encryption with associated-data. In: Proceedings of the 9th ACM Conference on Computer and Communications Security, pp. 98\u2013107. ACM (2002)","DOI":"10.1145\/586110.586125"},{"key":"20_CR45","unstructured":"Roskind, J.: QUIC(quick UDP internet connections): multiplexed stream transport over UDP. Technical report, Google (2013)"},{"issue":"5","key":"20_CR46","doi-asserted-by":"publisher","first-page":"71","DOI":"10.1145\/505696.505704","volume":"29","author":"S Savage","year":"1999","unstructured":"Savage, S., Cardwell, N., Wetherall, D., Anderson, T.: TCP congestion control with a misbehaving receiver. ACM SIGCOMM Comput. Commun. Rev. 29(5), 71\u201378 (1999)","journal-title":"ACM SIGCOMM Comput. Commun. Rev."},{"key":"20_CR47","unstructured":"Thomson, M., Turner, S.: Using transport layer security (TLS) to secure QUIC, January 2019. https:\/\/quicwg.org\/base-drafts\/draft-ietf-quic-tls.html"},{"key":"20_CR48","unstructured":"Watson, P.: Slipping in the window: TCP reset attacks. Technical report, CanSecWest (2004). http:\/\/bandwidthco.com\/whitepapers\/netforensics\/tcpip\/TCPResetAttacks.pdf"}],"container-title":["Lecture Notes in Computer Science","Computer Security \u2013 ESORICS 2019"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-29959-0_20","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,9,15]],"date-time":"2024-09-15T00:06:14Z","timestamp":1726358774000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-29959-0_20"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030299583","9783030299590"],"references-count":48,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-29959-0_20","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"15 September 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ESORICS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"European Symposium on Research in Computer Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Luxembourg","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Luxembourg","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23 September 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"27 September 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"24","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"esorics2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/conf.laas.fr\/esorics\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"344","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"67","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"19% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3,2","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"11","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}