{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,11]],"date-time":"2024-09-11T13:51:15Z","timestamp":1726062675893},"publisher-location":"Cham","reference-count":44,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030372279"},{"type":"electronic","value":"9783030372286"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-37228-6_17","type":"book-chapter","created":{"date-parts":[[2019,12,16]],"date-time":"2019-12-16T10:00:05Z","timestamp":1576490405000},"page":"341-364","update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Towards Forward Secure Internet Traffic"],"prefix":"10.1007","author":[{"given":"Eman Salem","family":"Alashwali","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Pawel","family":"Szalachowski","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Andrew","family":"Martin","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2019,12,13]]},"reference":[{"key":"17_CR1","unstructured":"Akhawe, D., Felt, A.P.: Alice in warningland: a large-scale field study of browser security warning effectiveness. In: Proceedings of USENIX Security Symposium (2013)"},{"key":"17_CR2","doi-asserted-by":"crossref","unstructured":"Alashwali, E.S.: Cryptographic vulnerabilities in real-life web servers. In: Proceedings of International Conference on Communications and Information Technology (ICCIT), pp. 6\u201311 (2013)","DOI":"10.1109\/ICCITechnology.2013.6579513"},{"key":"17_CR3","first-page":"468","volume-title":"Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","author":"Eman Salem Alashwali","year":"2018","unstructured":"Alashwali, E.S., Rasmussen, K.: What\u2019s in a downgrade? a taxonomy of downgrade attacks in the TLS protocol and application protocols using TLS. In: Proceedings of Applications and Techniques in Cyber Security (ATCS), pp. 468\u2013487 (2018)"},{"key":"17_CR4","doi-asserted-by":"crossref","unstructured":"Alashwali, E.S., Szalachowski, P., Martin, A.: Does \u201cwww.\" mean better transport layer security? In: Proceedings of Availability, Reliability and Security (ARES), pp. 23:1\u201323:7 (2019)","DOI":"10.1145\/3339252.3339277"},{"key":"17_CR5","unstructured":"Alexa Internet Inc.: Alexa Top Sites (2018). \nhttp:\/\/s3.amazonaws.com\/alexa-static\/top-1m.csv.zip\n\n. Accessed 22 August (2018)"},{"key":"17_CR6","doi-asserted-by":"crossref","unstructured":"AlFardan, N.J., Paterson, K.G.: Lucky thirteen: breaking the TLS and DTLS record protocols. In: Proceedings of Security and Privacy (SP), pp. 526\u2013540 (2013)","DOI":"10.1109\/SP.2013.42"},{"key":"17_CR7","doi-asserted-by":"crossref","unstructured":"Amann, J., Gasser, O., Scheitle, Q., Brent, L., Carle, G., Holz, R.: Mission accomplished?: HTTPS security after diginotar. In: Proceedings of Internet Measurement Conference (IMC), pp. 325\u2013340 (2017)","DOI":"10.1145\/3131365.3131401"},{"key":"17_CR8","unstructured":"Barnes, R., Thomson, M., Pironti, A., Langley, A.: Deprecating Secure Sockets Layer Version 3.0 (2015). \nhttps:\/\/tools.ietf.org\/html\/rfc7568\n\n. Accessed 30 September (2018)"},{"key":"17_CR9","doi-asserted-by":"crossref","unstructured":"Calzavara, S., Focardi, R., Nemec, M., Rabitti, A., Squarcina, M.: Postcards from the post-HTTP world: amplification of HTTPS vulnerabilities in the web ecosystem. In: Proceedings of Security and Privacy (SP), pp. 281\u2013298 (2019)","DOI":"10.1109\/SP.2019.00053"},{"key":"17_CR10","first-page":"1","volume-title":"Advances in Cryptology \u2014 EUROCRYPT 2000","author":"Stefania Cavallar","year":"2000","unstructured":"Cavallar, S., et al.: Factorization of a 512-bit RSA modulus. In: Proceedings of Advances in Cryptology (EUROCRYPT), pp. 1\u201318 (2000)"},{"key":"17_CR11","unstructured":"Dierks, T., Rescorla, E.: The Transport Layer Security (TLS) Protocol Version 1.2 (2008). \nhttps:\/\/www.ietf.org\/rfc\/rfc5246.txt\n\n. Accessed 6 July 2018"},{"issue":"6","key":"17_CR12","doi-asserted-by":"publisher","first-page":"644","DOI":"10.1109\/TIT.1976.1055638","volume":"22","author":"W Diffie","year":"1976","unstructured":"Diffie, W., Hellman, M.: New directions in cryptography. IEEE Trans. Inf. Theory 22(6), 644\u2013654 (1976)","journal-title":"IEEE Trans. Inf. Theory"},{"key":"17_CR13","unstructured":"Dukhovni, V.: Opportunistic Security: Some Protection Most of the Time (2014). \nhttps:\/\/tools.ietf.org\/html\/rfc7435.html\n\n. Accessed 1 October (2018)"},{"key":"17_CR14","doi-asserted-by":"crossref","unstructured":"Durumeric, Z., Adrian, D., Mirian, A., Bailey, M., Halderman, J.A.: A search engine backed by internet-wide scanning. In: Proceedings of Computer and Communications Security (CCS), pp. 542\u2013553 (2015)","DOI":"10.1145\/2810103.2813703"},{"key":"17_CR15","unstructured":"Eastlake 3rd, D.: Transport Layer Security (TLS) Extensions: Extension Definitions. \nhttps:\/\/tools.ietf.org\/html\/rfc6066#page-6\n\n. Accessed 19 June 2019"},{"key":"17_CR16","unstructured":"FIPS: Advanced Encryption Standard (AES) (2001). \nhttps:\/\/nvlpubs.nist.gov\/nistpubs\/FIPS\/NIST.FIPS.197.pdf\n\n. Accessed 30 Sept 2018"},{"key":"17_CR17","unstructured":"Heninger, N., Durumeric, Z., Wustrow, E., Halderman, J.A.: Mining your Ps and Qs: detection of widespread weak keys in network devices. In: Proceedings of USENIX Security Symposium, pp. 205\u2013220 (2012)"},{"key":"17_CR18","doi-asserted-by":"crossref","unstructured":"Holz, R., Braun, L., Kammenhuber, N., Carle, G.: The SSL landscape: a thorough analysis of the X.509 PKI using active and passive measurements. In: Proceedings of Internet Measurement Conference (IMC), pp. 427\u2013444 (2011)","DOI":"10.1145\/2068816.2068856"},{"issue":"6","key":"17_CR19","doi-asserted-by":"publisher","first-page":"43","DOI":"10.1109\/MIC.2014.86","volume":"18","author":"LS Huang","year":"2014","unstructured":"Huang, L.S., Adhikarla, S., Boneh, D., Jackson, C.: An experimental study of TLS forward secrecy deployments. IEEE Internet Comput. 18(6), 43\u201351 (2014)","journal-title":"IEEE Internet Comput."},{"key":"17_CR20","first-page":"273","volume-title":"Lecture Notes in Computer Science","author":"Tibor Jager","year":"2012","unstructured":"Jager, T., Kohlar, F., Sch\u00e4ge, S., Schwenk, J.: On the security of TLS-DHE in the standard model. In: Proceedings of Advances in Cryptology (CRYPTO), pp. 273\u2013293 (2012)"},{"key":"17_CR21","doi-asserted-by":"publisher","first-page":"333","DOI":"10.1007\/978-3-642-14623-7_18","volume-title":"Advances in Cryptology \u2013 CRYPTO 2010","author":"Thorsten Kleinjung","year":"2010","unstructured":"Kleinjung, T., et al.: Factorization of a 768-bit RSA modulus. In: Proceedings of Advances in Cryptology (CRYPTO), pp. 333\u2013350 (2010)"},{"key":"17_CR22","doi-asserted-by":"crossref","unstructured":"Kotzias, P., Razaghpanah, A., Amann, J., Paterson, K.G., Vallina-Rodriguez, N., Caballero, J.: Coming of age: a longitudinal study of TLS deployment. In: Proceedings of Internet Measurement Conference (IMC), pp. 415\u2013428 (2018)","DOI":"10.1145\/3278532.3278568"},{"key":"17_CR23","unstructured":"Kurkowski, J.: tldextract (2017). \nhttps:\/\/github.com\/john-kurkowski\/tldextract\n\n. Accessed 30 Oct 2018"},{"key":"17_CR24","doi-asserted-by":"crossref","unstructured":"Laurie, B., Langley, A., Kasper, E.: Certificate Transparency (2013). Accessed 25 Feb 2019","DOI":"10.17487\/rfc6962"},{"key":"17_CR25","doi-asserted-by":"crossref","unstructured":"Lee, H.K., Malkin, T., Nahum, E.: Cryptographic strength of SSL\/TLS servers: current and recent practices. In: Proceedings of Internet Measurement Conference (IMC), pp. 83\u201392 (2007)","DOI":"10.1145\/1298306.1298318"},{"key":"17_CR26","unstructured":"Menezes, A.J., Van\u00a0Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC press, Boca Raton (1996)"},{"key":"17_CR27","unstructured":"Moeller, B., Langley, A.: TLS Fallback Signaling Cipher Suite Value (SCSV) for preventing protocol downgrade attacks (2014). \nhttps:\/\/tools.ietf.org\/html\/draft-ietf-tls-downgrade-scsv-00\n\n. Accessed 1 Oct 2018"},{"key":"17_CR28","unstructured":"M\u00f6ller, B., Duong, T., Kotowicz, K.: This POODLE Bites: Exploiting the SSL 3.0 Fallback (2014). \nhttps:\/\/www.openssl.org\/~bodo\/ssl-poodle.pdf\n\n. Accessed 6 July 2018"},{"key":"17_CR29","unstructured":"Nir, Y., Josefsson, S., Pegourie-Gonnard, M.: Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS) Versions 1.2 and Earlier (2018). \nhttps:\/\/tools.ietf.org\/html\/rfc8422\n\n. Accessed 21 June 2019"},{"issue":"10","key":"17_CR30","doi-asserted-by":"publisher","first-page":"58","DOI":"10.1145\/2896816","volume":"59","author":"C Partridge","year":"2016","unstructured":"Partridge, C., Allman, M.: Ethical considerations in network measurement papers. Commun. ACM 59(10), 58\u201364 (2016)","journal-title":"Commun. ACM"},{"key":"17_CR31","unstructured":"Popov, A.: Prohibiting RC4 Cipher Suites (2015). \nhttps:\/\/tools.ietf.org\/html\/rfc7465\n\n. Accessed 30 Sept 2018"},{"key":"17_CR32","unstructured":"Qualys Inc.: SSL Labs (2018). \nhttps:\/\/www.ssllabs.com\/ssl-pulse\/\n\n. Accessed 10 April 2019"},{"key":"17_CR33","unstructured":"Rescorla, E.: The Transport Layer Security (TLS) Protocol Version 1.3 (2018). \nhttps:\/\/tools.ietf.org\/html\/rfc8446\n\n. Accessed 27 November 2019"},{"issue":"2","key":"17_CR34","doi-asserted-by":"publisher","first-page":"120","DOI":"10.1145\/359340.359342","volume":"21","author":"RL Rivest","year":"1978","unstructured":"Rivest, R.L., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2), 120\u2013126 (1978)","journal-title":"Commun. ACM"},{"key":"17_CR35","unstructured":"Ryan, M.D.: Enhanced certificate transparency and end-to-end encrypted mail. In: Proceedings of Network and Distributed System (NDSS) (2018)"},{"key":"17_CR36","unstructured":"Salowey, J., Choudhury, A., McGrew, D.: AES Galois Counter Mode (GCM) Cipher Suites for TLS (2008). \nhttps:\/\/tools.ietf.org\/html\/rfc5288#page-3\n\n. Accessed 12 Nov 2018"},{"key":"17_CR37","doi-asserted-by":"publisher","first-page":"533","DOI":"10.1007\/978-3-319-70972-7_30","volume-title":"Financial Cryptography and Data Security","author":"Nayanamana Samarasinghe","year":"2017","unstructured":"Samarasinghe, N., Mannan, M.: Short paper: TLS ecosystems in networked devices vs. web servers. In: Proceedings of Financial Cryptography and Data Security (FC), pp. 533\u2013541 (2017)"},{"key":"17_CR38","unstructured":"Sunshine, J., Egelman, S., Almuhimedi, H., Atri, N., Cranor, L.F.: Crying wolf: an empirical study of SSL warning effectiveness. In: Proceedings of USENIX Security Symposium, pp. 399\u2013416 (2009)"},{"key":"17_CR39","unstructured":"Synopsys Inc.: The Heartbleed Bug (2014). \nhttp:\/\/heartbleed.com\n\n. Accessed 17 Sept 2018"},{"key":"17_CR40","doi-asserted-by":"crossref","unstructured":"Vaudenay, S.: Security flaws induced by CBC padding-applications to SSL, IPSEC, WTLS.... In: Proceedings of Theory and Applications of Cryptographic Techniques (EUROCRYPT), pp. 534\u2013546 (2002)","DOI":"10.1007\/3-540-46035-7_35"},{"key":"17_CR41","unstructured":"W3Schools: Browser Statistics (2019). \nhttps:\/\/www.w3schools.com\/browsers\n\n. Accessed 27 Feb 2019"},{"key":"17_CR42","unstructured":"Wikipedia: PRISM (Surveillance Program) (2018). \nhttps:\/\/en.wikipedia.org\/wiki\/PRISM_(surveillance_program)\n\n. Accessed 3 Oct 2018"},{"key":"17_CR43","unstructured":"Yahoo Inc.: tls-scan (2016), \nhttps:\/\/github.com\/prbinu\/tls-scan\n\n. Accessed 8 Sept 2018"},{"key":"17_CR44","doi-asserted-by":"publisher","first-page":"89","DOI":"10.1007\/3-540-68697-5_8","volume-title":"Advances in Cryptology \u2014 CRYPTO \u201996","author":"Adam Young","year":"1996","unstructured":"Young, A., Yung, M.: The dark side of black-box cryptography or: should we trust capstone? In: Proceedings of Advances in Cryptology (CRYPTO), pp. 89\u2013103 (1996)"}],"container-title":["Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","Security and Privacy in Communication Networks"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-37228-6_17","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,12,16]],"date-time":"2019-12-16T10:01:53Z","timestamp":1576490513000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-37228-6_17"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030372279","9783030372286"],"references-count":44,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-37228-6_17","relation":{},"ISSN":["1867-8211","1867-822X"],"issn-type":[{"type":"print","value":"1867-8211"},{"type":"electronic","value":"1867-822X"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"13 December 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"SecureComm","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Security and Privacy in Communication Systems","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Orlando, VA","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23 October 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"25 October 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"15","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"securecomm2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/securecomm.org","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"easychair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"149","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"38","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"18","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"26% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3,5","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}