Cyber-attacks are becoming more common against Internet users due to the increasing
dependency on online communication in their daily lives. X. 509 Public-Key Infrastructure …

Potentially dangerous cryptography errors are well-documented in many applications.
Conventional wisdom suggests that many of these errors are caused by cryptographic …

Despite a great deal of work to improve the TLS PKI, CA misbehavior continues to occur,
resulting in unauthorized certificates that can be used to mount man-in-the-middle attacks …

Critical to the security of any public key infrastructure (PKI) is the ability to revoke previously
issued certificates. While the overall SSL ecosystem is well-studied, the frequency with …

Consumer IoT devices are becoming increasingly popular, with most leveraging TLS to
provide connection security. In this work, we study a large number of TLS-enabled consumer …

Currently, no major browser fully checks for TLS/SSL certificate revocations. This is largely
due to the fact that the deployed mechanisms for disseminating revocations (CRLs, OCSP …

The semantics of online authentication in the web are rather straightforward: if Alice has a
certificate binding Bob's name to a public key, and if a remote entity can prove knowledge of …

SSL and TLS are used to secure the most commonly used Internet protocols. As a result, the
ecosystem of SSL certificates has been thoroughly studied, leading to a broad …

To detect fraudulent TLS server certificates and improve the accountability of certification
authorities (CAs), certificate transparency (CT) is proposed to record certificates in publicly …

For increased security during TLS certificate validation, a common recommendation is to use
a variation of pinning. Especially non-browser software developers are encouraged to limit …