Newer
Older
@ONLINE{libRaptorQ,
title = {libRaptorQ: Forward Error Correction},
url = {https://www.fenrirproject.org},
howpublished = {\url{https://www.fenrirproject.org}}
}
@ONLINE{SPID,
title = {SPID: Sistema Pubblico per la gestione dell'Identità Digitale},
url = {http://www.agid.gov.it/agenda-digitale/infrastrutture-architetture/spid},
howpublished = {\url{http://www.agid.gov.it/agenda-digitale/infrastrutture-architetture/spid}}
}
@ONLINE{OpenID,
title = {OpenID},
url = {http://openid.net/developers/specs/},
howpublished = {\url{http://openid.net/developers/specs/}}
}
@ONLINE{OpenID-Connect,
title = {OpenID-Connect},
url = {http://openid.net/connect/},
howpublished = {\url{http://openid.net/connect/}}
}
@ARTICLE{Kerberos,
author={Neuman, B.C. and Ts'o, T.},
journal={Communications Magazine, IEEE},
title={Kerberos: an authentication service for computer networks},
year={1994},
volume={32},
number={9},
pages={33-38},
keywords={computer networks;cryptography;message authentication;Kerberos;Mosaic;authentication service;authentication technology;computer networks;cryptography;information retrieval;interactive services;Authentication;Authorization;Computer displays;Computer networks;Cryptography;Delay;Electronic mail;File systems;Information security;Internet},
doi={10.1109/35.312841},
ISSN={0163-6804},
month={Sept},}
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
@ONLINE{DCCP:Online,
title = {DCCP RFCs \& documentazione},
month = mar,
year = {2006},
url = {http://www.read.cs.ucla.edu/dccp},
howpublished = {\url{http://www.read.cs.ucla.edu/dccp}}
}
@ONLINE{SCTP:Online,
title = {SCTP RFCs \& documentazione},
month = oct,
year = {2000},
url = {http://datatracker.ietf.org/wg/sigtran},
howpublished = {\url{http://datatracker.ietf.org/wg/sigtran}}
}
@ONLINE{QUIC:Online,
title = {QUIC analysis},
month = oct,
year = {2013},
url = {https://www.fenrirproject.org/projects/fenrir/wiki/QUIC},
howpublished = {\url{https://www.fenrirproject.org/projects/fenrir/wiki/QUIC}}
}
@ONLINE{CurveCP:Online,
title = {CurveCP protocol},
year = {2011},
url = {http://curvecp.org},
howpublished = {\url{http://curvecp.org}}
}
@misc{minimaLT,
author = {W. Michael Petullo and Xu Zhang and Jon A. Solworth and Daniel J. Bernstein and Tanja Lange},
title = {MinimaLT: Minimal-latency Networking Through Better Security},
howpublished = {Cryptology ePrint Archive, Report 2013/310},
year = {2013},
note = {\url{http://eprint.iacr.org/}},
}
@misc{rfc5746,
author="E. Rescorla and M. Ray and S. Dispensa and N. Oskov",
title="{Transport Layer Security (TLS) Renegotiation Indication Extension}",
series="Request for Comments",
number="5746",
howpublished="RFC 5746 (Proposed Standard)",
publisher="IETF",
organization="Internet Engineering Task Force",
year=2010,
month=feb,
url="http://www.ietf.org/rfc/rfc5746.txt",
howpublished = {\url{http://www.ietf.org/rfc/rfc5746.txt}}
}
@ONLINE{QUIC:reasons,
title = "QUIC: MULTIPLEXED STREAM TRANSPORT OVER UDP",
author = "Jim Roskind",
organization = "Google",
year = 2013,
url="https://docs.google.com/a/google.com/document/d/1RNHkx_VvKWyWg6Lr8SZ-saqsQx7rFV-ev2jRFUoVD34/preview?sle=true&pli=1",
howpublished = {\url{https://docs.google.com/a/google.com/document/d/1RNHkx_VvKWyWg6Lr8SZ-saqsQx7rFV-ev2jRFUoVD34/preview?sle=true&pli=1}}
}
@ONLINE{QUIC:crypto,
title = "QUIC Crypto",
author = {Adam Langley and Wan-Teh Chang},
organization = "Google",
year = 2013,
url="https://docs.google.com/document/d/1g5nIXAIkN_Y-7XJW5K45IblHd_L2f5LTaDUDwvZ5L6g/edit?pli=1",
howpublished = {\url{https://docs.google.com/document/d/1g5nIXAIkN_Y-7XJW5K45IblHd_L2f5LTaDUDwvZ5L6g/edit?pli=1}}
}
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
@techreport{QUIC:rfc,
number= {draft-tsvwg-quic-protocol-02},
type = {Internet-Draft},
institution = {Internet Engineering Task Force},
publisher = {Internet Engineering Task Force},
note = {Work in Progress},
url = {https://tools.ietf.org/html/draft-tsvwg-quic-protocol-02},
author= {Janardhan Iyengar and Ian Swett and Ryan Hamilton and Alyssa Wilk},
title= {{QUIC: A UDP-Based Secure and Reliable Transport for HTTP/2}},
pagetotal = 37,
year = 2016,
month = jan,
day = 13,
abstract = {QUIC (Quick UDP Internet Connection) is a new multiplexed and secure transport atop UDP, designed from the ground up and optimized for HTTP/2 semantics. While built with HTTP/2 as the primary application protocol, QUIC builds on decades of transport and security experience, and implements mechanisms that make it attractive as a modern general-purpose transport. QUIC provides multiplexing and flow control equivalent to HTTP/2, security equivalent to TLS, and connection semantics, reliability, and congestion control equivalent to TCP.},
}
@misc{OCSP,
series = {Request for Comments},
number= 6960,
howpublished= {IETF RFC 6960},
publisher = {RFC Editor},
doi = {10.17487/rfc6960},
url = {https://rfc-editor.org/rfc/rfc6960.txt},
author= {Stefan Santesson and Rich Ankney and Michael Myers and Ambarish Malpani and Slava Galperin and Dr. Carlisle Adams},
title= {{X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP}},
pagetotal = 41,
year = 2015,
month = oct,
day = 14,
abstract = {This document specifies a protocol useful in determining the current status of a digital certificate without requiring Certificate Revocation Lists (CRLs). Additional mechanisms addressing PKIX operational requirements are specified in separate documents. This document obsoletes RFCs 2560 and 6277. It also updates RFC 5912.},
}
@misc{TLS:SNI,
series = {Request for Comments},
number= 6066,
howpublished= {IETF RFC 6066},
publisher = {RFC Editor},
doi = {10.17487/rfc6066},
url = {https://rfc-editor.org/rfc/rfc6066.txt},
author= {Donald E. Eastlake 3rd},
title= {{Transport Layer Security (TLS) Extensions: Extension Definitions}},
pagetotal = 25,
year = 2015,
month = oct,
day = 14,
abstract = {This document provides specifications for existing TLS extensions. It is a companion document for RFC 5246, "The Transport Layer Security (TLS) Protocol Version 1.2". The extensions specified are server_name, max_fragment_length, client_certificate_url, trusted_ca_keys, truncated_hmac, and status_request. [STANDARDS-TRACK]},
}
@ONLINE{OAuth:Online,
title = "OAuth 1 and 2",
url="http://oauth.net",
howpublished = {\url{http://oauth.net}}
}
@misc{HTTP2,
series = {Request for Comments},
number= 7540,
howpublished= {IETF RFC 7540},
publisher = {RFC Editor},
doi = {10.17487/rfc7540},
url = {https://rfc-editor.org/rfc/rfc7540.txt},
author= {Mike Belshe and Roberto Peon and Martin Thomson},
title= {{Hypertext Transfer Protocol Version 2 (HTTP/2)}},
pagetotal = 96,
year = 2015,
month = nov,
day = 18,
abstract = {This specification describes an optimized expression of the semantics of the Hypertext Transfer Protocol (HTTP), referred to as HTTP version 2 (HTTP/2). HTTP/2 enables a more efficient use of network resources and a reduced perception of latency by introducing header field compression and allowing multiple concurrent exchanges on the same connection. It also introduces unsolicited push of representations from servers to clients.},
}
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
@article{Bellare:2008:AER:1410264.1410269,
author = {Bellare, Mihir and Namprempre, Chanathip},
title = {Authenticated Encryption: Relations Among Notions and analysis of the Generic Composition Paradigm},
journal = {J. Cryptol.},
issue_date = {September 2008},
volume = {21},
number = {4},
month = sep,
year = {2008},
issn = {0933-2790},
pages = {469--491},
numpages = {23},
url = {http://dx.doi.org/10.1007/s00145-008-9026-x},
doi = {10.1007/s00145-008-9026-x},
acmid = {1410269},
publisher = {Springer-Verlag New York, Inc.},
address = {Secaucus, NJ, USA},
keywords = {Authenticated encryption, Concrete security, Message authentication, Symmetric encryption},
}
@BOOK{ISOIEC19772,
title = {ISO/IEC 19772:2009. Information technology — Security techniques — Authenticated encryption},
publisher = {ISO/IEC},
year = {2009},
month = {feb},
day = {12},
author = {ISO/IEC}
}
@ONLINE{CAESAR,
title = "CAESAR: authenticated ciphers competition",
url="http://oauth.net",
url="http://competitions.cr.yp.to/",
howpublished = {\url{http://competitions.cr.yp.to/"}}
}
@ONLINE{3Shake,
title = "3Shake: Triple Handshakes attack on OpenSSL's TLS",
url="http://blog.cryptographyengineering.com/2014/04/attack-of-week-triple-handshakes-3shake.html",
howpublished = {\url{http://blog.cryptographyengineering.com/2014/04/attack-of-week-triple-handshakes-3shake.html}}
}
@ONLINE{Proverif,
title = "Proverif formal verification tool",
url="http://prosecco.gforge.inria.fr/personal/bblanche/proverif/",
howpublished={\url{http://prosecco.gforge.inria.fr/personal/bblanche/proverif/}}
}
@ONLINE{PHC,
title = "Password Hashing Competition",
url="https://password-hashing.net/",
howpublished={\url{https://password-hashing.net/}}
}
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
@misc{Proverif_TLS,
author="Carst Tankink, Pim Vullers",
title="Verification of the TLS Handshake protocol",
year=2008,
month=May,
url="http://www.cs.ru.nl/~chaack/teaching/2IF02-Spring08/tv-report.pdf",
howpublished = {\url{http://www.cs.ru.nl/~chaack/teaching/2IF02-Spring08/tv-report.pdf}}
}
@misc{TLS_1,
author="Florian Giesen, Florian Kohlar and Douglas Stebila",
title="On the security of TLS Renegotiation",
year=2013,
month=aug,
organization="Horst Gortz Institute for IT-Security, Ruhr-University Bochum, Bochum, Germany",
url="http://eprint.iacr.org/2012/630.pdf",
howpublished={\url{http://eprint.iacr.org/2012/630.pdf}}
}
@misc{TLS_2,
author="Hugo Krawczyk, Kenneth G. Paterson and Hoeteck Wee",
title="On the security of TLS protocol: A systematic Analysis",
year=2013,
organization="IBM, Royal Holloway, University of London and George Washington University",
url="http://eprint.iacr.org/2013/339.pdf",
howpublished={\url{http://eprint.iacr.org/2013/339.pdf}}
}
@misc{TLS_3,
author="Tibor Jager, Florian Kohlar, Jorg Schwenk and Sven Schage",
title="On the Security of TLS-DHE in the Standard Model",
year=2012,
month=jun,
organization="Karlsruhe Institute of Technology, Horst Gortz Institute for IT Security, University College London",
url="http://www.nds.ruhr-uni-bochum.de/media/nds/veroeffentlichungen/2012/08/22/main.pdf",
howpublished={\url{http://www.nds.ruhr-uni-bochum.de/media/nds/veroeffentlichungen/2012/08/22/main.pdf}}
}
@misc{TLS_4,
author="Karthikeyan Bhargavan, Cedric Fournet et al.",
title="Implementing TLS with Verified Cryptographic Security",
year=2013,
organization="INRIA Paris-Rocquencourt, Microsoft Research and IMDEA Software",
url="http://alfredo.pironti.eu/research/sites/default/files/oakland13.pdf",
howpublished={\url{http://alfredo.pironti.eu/research/sites/default/files/oakland13.pdf}}
}
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
@INPROCEEDINGS{TLS:Lucky13,
author={Al Fardan, N.J. and Paterson, K.G.},
booktitle={Security and Privacy (SP), 2013 IEEE Symposium on},
title={Lucky Thirteen: Breaking the TLS and DTLS Record Protocols},
year={2013},
pages={526-540},
keywords={Internet;computer network security;cryptographic protocols;data integrity;mobile computing;DTLS record protocols;Internet;OpenSSL implementations;cryptographic design;data confidentiality;data integrity;de facto secure protocol;decryption;mobile applications;plaintext recovery attacks;timing analysis;transport layer security protocol;Ciphers;Encryption;Media Access Protocol;Timing;CBC-mode encryption;DTLS;TLS;plaintext recovery;timing attack},
doi={10.1109/SP.2013.42},
ISSN={1081-6011},
month={May},}
@article{TLS_POODLE,
title={This POODLE bites: exploiting the SSL 3.0 fallback},
author={M{\"o}ller, Bodo and Duong, Thai and Kotowicz, Krzysztof},
journal={Google, Sep},
year={2014}
}
@amisc{TLS:BYCICLE,
title={HTTPS Bycicle Attack},
author={Guido Vranken},
year={2015},
month={12},
url="https://guidovranken.files.wordpress.com/2015/12/https-bicycle-attack.pdf",
howpublished={\url{https://guidovranken.files.wordpress.com/2015/12/https-bicycle-attack.pdf}}
}
@misc{rfc6330,
author="M. Luby, A. Shokrollahi et al.",
title="{RaptorQ Forward Error Correction Scheme for Object Delivery}",
series="Request for Comments",
number="6330",
publisher="IETF",
organization="Internet Engineering Task Force",
year=2011,
month=aug,
url="http://www.ietf.org/rfc/rfc6330",
howpublished = {\url{http://www.ietf.org/rfc/rfc6330}}
}
@article{Lamport:OTP,
author = {Lamport, Leslie},
title = {Password Authentication with Insecure Communication},
journal = {Commun. ACM},
issue_date = {Nov. 1981},
volume = {24},
number = {11},
month = nov,
year = {1981},
issn = {0001-0782},
pages = {770--772},
numpages = {3},
url = {http://doi.acm.org/10.1145/358790.358797},
doi = {10.1145/358790.358797},
acmid = {358797},
publisher = {ACM},
address = {New York, NY, USA},
keywords = {authentication, one-way function, passwords, security},
}