{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,16]],"date-time":"2025-12-16T12:17:07Z","timestamp":1765887427825,"version":"3.40.3"},"publisher-location":"Berlin, Heidelberg","reference-count":40,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642331664"},{"type":"electronic","value":"9783642331671"}],"license":[{"start":{"date-parts":[[2012,1,1]],"date-time":"2012-01-01T00:00:00Z","timestamp":1325376000000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2012]]},"DOI":"10.1007\/978-3-642-33167-1_12","type":"book-chapter","created":{"date-parts":[[2012,8,18]],"date-time":"2012-08-18T10:07:05Z","timestamp":1345284425000},"page":"199-216","source":"Crossref","is-referenced-by-count":31,"title":["Trust No One Else: Detecting MITM Attacks against SSL\/TLS without Third-Parties"],"prefix":"10.1007","author":[{"given":"Italo","family":"Dacosta","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mustaque","family":"Ahamad","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Patrick","family":"Traynor","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"unstructured":"Certificate Patrol (2010), http:\/\/patrol.psyced.org\/","key":"12_CR1"},{"unstructured":"Adams, C., Farrell, S.: RFC 2510 - Internet X.509 Public Key Infrastructure Certificate Management Protocols (1999), https:\/\/tools.ietf.org\/html\/rfc2510","key":"12_CR2"},{"doi-asserted-by":"crossref","unstructured":"Alicherry, M., Keromytis, A.D.: DoubleCheck: Multi-path Verification Against Man-in-the-Middle Attacks. In: Proceedings of the IEEE Symposium on Computers and Communications (2009)","key":"12_CR3","DOI":"10.1109\/ISCC.2009.5202224"},{"unstructured":"Altman, J., Williams, N., Zhu, L.: RFC 5929 - Channel Bindings for TLS (2010), http:\/\/tools.ietf.org\/html\/rfc5929","key":"12_CR4"},{"unstructured":"AT&T: Network Averages (2012), http:\/\/ipnetwork.bgtmo.ip.att.net\/pws\/averages.html","key":"12_CR5"},{"unstructured":"Blanchet, B.: ProVerif: Cryptographic Protocol Verifier in the Formal Model, http:\/\/www.proverif.ens.fr\/","key":"12_CR6"},{"unstructured":"BlueKrypt: Cryptographic Key Length Recommendation (2012), http:\/\/www.keylength.com\/","key":"12_CR7"},{"key":"12_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"156","DOI":"10.1007\/3-540-45539-6_12","volume-title":"Advances in Cryptology - EUROCRYPT 2000","author":"V. Boyko","year":"2000","unstructured":"Boyko, V., MacKenzie, P.D., Patel, S.: Provably Secure Password-Authenticated Key Exchange Using Diffie-Hellman. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol.\u00a01807, pp. 156\u2013171. Springer, Heidelberg (2000)"},{"unstructured":"Brusilovsky, A., Faynberg, I., Zeltsan, Z., Patel, S.: RFC 5683 - Password-Authenticated Key (PAK) Diffie-Hellman Exchange (2010), http:\/\/tools.ietf.org\/html\/rfc5683","key":"12_CR9"},{"unstructured":"Dierks, T., Rescorla, E.: RFC 5246 - The Transport Layer Security (TLS) Protocol Version 1.2 (2008), http:\/\/tools.ietf.org\/html\/rfc5246","key":"12_CR10"},{"unstructured":"Eckersley, P., Burns, J.: The (Decentralized) SSL Observatory. In: USENIX Security Symposium (2011) (Invited Talk)","key":"12_CR11"},{"unstructured":"Electronic Frontier Foundation (EFF): The Sovereign Keys Project (2011), https:\/\/www.eff.org\/sovereign-keys","key":"12_CR12"},{"issue":"1","key":"12_CR13","first-page":"1","volume":"16","author":"C. Ellison","year":"2000","unstructured":"Ellison, C., Schneier, B.: Ten Risks of PKI: What You\u2019re Not Being Told About Public Key Infrastructure. Computer Security Journal\u00a016(1), 1\u20137 (2000)","journal-title":"Computer Security Journal"},{"unstructured":"Engert, K.: MECAI (2011), http:\/\/kuix.de\/mecai\/","key":"12_CR14"},{"unstructured":"Engler, J., Karlof, C., Shi, E., Song, D.: Is It Too Late for PAKE? In: Proceedings of the IEEE Web 2.0 Security and Privacy Workshop (2009)","key":"12_CR15"},{"unstructured":"Evans, C., Palmer, C.: Certificate Pinning Extension for HSTS (2011), http:\/\/www.ietf.org\/mail-archive\/web\/websec\/current\/pdfnSTRd9kYcY.pdf","key":"12_CR16"},{"unstructured":"Freier, A., Karlton, P., Kocher, P.: RFC 6101 - The Secure Sockets Layer (SSL) Protocol Version 3.0 (2011), https:\/\/tools.ietf.org\/html\/rfc6101","key":"12_CR17"},{"unstructured":"Goodin, D.: Web Authentication Authority Suffers Security Breach (2011), http:\/\/www.theregister.co.uk\/2011\/06\/21\/startssl_security_breach\/","key":"12_CR18"},{"issue":"8","key":"12_CR19","doi-asserted-by":"publisher","first-page":"41","DOI":"10.1109\/MC.2002.1023787","volume":"35","author":"P. Gutman","year":"2002","unstructured":"Gutman, P.: PKI: It\u2019s Not Dead, Just Resting. Computer\u00a035(8), 41\u201349 (2002)","journal-title":"Computer"},{"unstructured":"Hoffman, P., Schlyter, J.: IETF Internet-Draft: Using Secure DNS to Associate Certificates with Domain Names For TLS (draft-ietf-dane-protocol-06) (2011), http:\/\/tools.ietf.org\/html\/draft-ietf-dane-protocol-06","key":"12_CR20"},{"unstructured":"International Telecommunication Union: ITU-T Recommendation X.1035: Password-Authenticated Key Exchange (PAK) Protocol (2007), http:\/\/www.itu.int\/rec\/T-REC-X.1035\/en","key":"12_CR21"},{"unstructured":"Keizer, G.: Hackers May Have Stolen Over 200 SSL Certificates (2011), https:\/\/www.computerworld.com\/s\/article\/9219663\/Hackers_may_have_stolen_over_200_SSL_certificates","key":"12_CR22"},{"unstructured":"Kirk, J.: KPN Stops Issuing SSL Certificates After Possible Breach (2011), https:\/\/www.pcworld.com\/businesscenter\/article\/243275\/kpn_stops_issuing_ssl_certificates_after_possible_breach.html","key":"12_CR23"},{"unstructured":"Langley, A.: Revocation Doesn\u2019t Work (2011), http:\/\/www.imperialviolet.org\/2011\/03\/18\/revocation.html","key":"12_CR24"},{"unstructured":"Laurie, B., Langley, A.: Certificate Authority Transparency and Auditability (2011), http:\/\/www.links.org\/files\/CertificateAuthorityTransparencyandAuditability.pdf","key":"12_CR25"},{"unstructured":"Leyden, J.: Inside \u2019Operation Black Tulip\u2019: DigiNotar Hack Analysed (2011), http:\/\/www.theregister.co.uk\/2011\/09\/06\/diginotar_audit_damning_fail\/","key":"12_CR26"},{"unstructured":"Leyden, J.: Trustwave Admits Crafting SSL Snooping Certificate (2012), http:\/\/www.theregister.co.uk\/2012\/02\/09\/tustwave_disavows_mitm_digital_cert\/","key":"12_CR27"},{"doi-asserted-by":"crossref","unstructured":"MacKenzie, P.: The PAK suite: Protocols for Password-Authenticated Key Exchange. In: IEEE P1363.2: Password-Based Public-Key Cryptography (2002)","key":"12_CR28","DOI":"10.1007\/3-540-45708-9_25"},{"key":"12_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"209","DOI":"10.1007\/978-3-540-30574-3_15","volume-title":"Topics in Cryptology \u2013 CT-RSA 2005","author":"P.D. MacKenzie","year":"2005","unstructured":"MacKenzie, P.D., Patel, S.: Hard Bits of the Discrete Log with Applications to Password Authentication. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol.\u00a03376, pp. 209\u2013226. Springer, Heidelberg (2005)"},{"unstructured":"Marlinspike, M.: Convergence (2011), http:\/\/convergence.io\/","key":"12_CR30"},{"doi-asserted-by":"crossref","unstructured":"Oiwa, Y., Takagi, H., Watanabe, H., Suzuki, H.: PAKE-based Mutual HTTP Authentication for Preventing Phishing Attacks (Poster). In: Proceedings of the International Conference on World Wide Web, WWW (2009)","key":"12_CR31","DOI":"10.1145\/1526709.1526898"},{"issue":"3","key":"12_CR32","doi-asserted-by":"publisher","first-page":"59","DOI":"10.1109\/MC.2008.98","volume":"41","author":"R. Oppliger","year":"2008","unstructured":"Oppliger, R., Hauser, R., Basin, D.: SSL\/TLS Session-Aware User Authentication. Computer\u00a041(3), 59\u201365 (2008)","journal-title":"Computer"},{"key":"12_CR33","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/11889663_1","volume-title":"Financial Cryptography and Data Security","author":"B. Parno","year":"2006","unstructured":"Parno, B., Kuo, C., Perrig, A.: Phoolproof Phishing Prevention. In: Di Crescenzo, G., Rubin, A. (eds.) FC 2006. LNCS, vol.\u00a04107, pp. 1\u201319. Springer, Heidelberg (2006)"},{"unstructured":"Richmond, R.: An Attack Sheds Light on Internet Security Holes (2011), http:\/\/www.nytimes.com\/2011\/04\/07\/technology\/07hack.html","key":"12_CR34"},{"unstructured":"Singel, R.: Law Enforcement Appliance Subverts SSL (2010), http:\/\/www.wired.com\/threatlevel\/2010\/03\/packet-forensics\/","key":"12_CR35"},{"key":"12_CR36","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"250","DOI":"10.1007\/978-3-642-27576-0_20","volume-title":"Financial Cryptography and Data Security","author":"C. Soghoian","year":"2012","unstructured":"Soghoian, C., Stamm, S.: Certified Lies: Detecting and Defeating Government Interception Attacks against SSL (Short Paper). In: Danezis, G. (ed.) FC 2011. LNCS, vol.\u00a07035, pp. 250\u2013259. Springer, Heidelberg (2012)"},{"unstructured":"Taylor, D., Wu, T., Mavrogiannopoulos, N., Perrin, T.: RFC 5054 - Using the Secure Remote Password (SRP) Protocol for TLS Authentication (2007), http:\/\/tools.ietf.org\/html\/rfc5054","key":"12_CR37"},{"unstructured":"Wendlandt, D., Andersen, D.G., Perrig, A.: Perspectives: Improving SSH-style Host Authentication with Multi-path Probing. In: Proceedings of the USENIX Annual Technical Conference, ATC (2008)","key":"12_CR38"},{"unstructured":"Williams, N.: RFC 5056 - On the Use of Channel Bindings to Secure Channels (2007), http:\/\/tools.ietf.org\/html\/rfc5056","key":"12_CR39"},{"unstructured":"Wu, T.: The Secure Remote Password Protocol. In: Proceedings of the Network and Distributed System Security Symposium (1998)","key":"12_CR40"}],"container-title":["Lecture Notes in Computer Science","Computer Security \u2013 ESORICS 2012"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-33167-1_12","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,1,26]],"date-time":"2022-01-26T21:05:36Z","timestamp":1643231136000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-33167-1_12"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2012]]},"ISBN":["9783642331664","9783642331671"],"references-count":40,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-33167-1_12","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2012]]}}}