As the Internet has transformed into a critical infrastructure, society has become more
vulnerable to its security flaws. Despite substantial efforts to address many of these …

The secret keys of critical network authorities--such as time, name, certificate, and software
update services--represent high-value targets for hackers, criminals, and spy agencies …

Despite a great deal of work to improve the TLS PKI, CA misbehavior continues to occur,
resulting in unauthorized certificates that can be used to mount man-in-the-middle attacks …

abstract As the Internet has transformed into a critical infrastructure, society has become
more vulnerable to its security flaws. Despite substantial efforts to address many of these …

The potential development of large-scale quantum computers is raising concerns among IT
and security research professionals due to their ability to solve (elliptic curve) discrete …

In recent years, real-world attacks against PKI take place frequently. For example, malicious
domains' certificates issued by compromised CAs are widespread, and revoked certificates …

In conventional PKI, CAs are assumed to be fully trusted. However, in practice, CAs'
absolute responsibility for providing trustworthiness caused major security and privacy …

Traditional X. 509 public key infrastructures (PKIs) depend on trusted certification authorities
(CAs) to sign certificates, used in SSL/TLS to authenticate web servers and establish secure …

In this paper, we present Nethammer, a remote Rowhammer attack without a single attacker-
controlled line of code on the targeted system, ie, not even JavaScript. Nethammer works on …

Consumer IoT devices are becoming increasingly popular, with most leveraging TLS to
provide connection security. In this work, we study a large number of TLS-enabled consumer …