May 2, 2016
TLS (previously SSL) is the cornerstone of Internet security. It protects Internet traffic, enabling users to authenticate securely, send credit card numbers, and more. Although a well-established protocol, SSL/TLS has been plagued with security flaws, many of them very sophisticated and technically fascinating. On May 2nd, the BIU Center of Research in Applied Cryptography and Cyber Security will hold a symposium on the current status of TLS security. The symposium will include an overview of TLS security, talks on some of the recent attacks, and talks on proving TLS security. Two of the talks will focus on TLS 1.3; the new version of TLS that is now being finalized.
Participants from academia, industry and anyone interested in TLS Security are all welcome.
Nimrod Aviram, Tel-Aviv University
Tibor Jager, Ruhr University Bochum
Thyla van der Merwe, Royal Holloway
All speakers will be presenting their work on TLS security. Tibor and Thyla are well known experts on TLS security, each having carried out considerable research on the topic.
Where: Wohl Center, Bar-Ilan University
Registration: Participation is free but registration is required. Please register by April 28, 2016 at: https://goo.gl/oFoU4C
09:00 – 09:25 Coffee and refreshments
09:25 – 09:30 Opening remarks
09:30 – 10:15 Thyla van der Merwe: TLS: Past, Present, Future (video)
10:15 – 10:45 Coffee break
10:45 – 11:30 Tibor Jager: On the Security of TLS 1.3 and QUIC Against Weaknesses in PKCS#1 v1.5 Encryption (video)
11:30 – 11:45 Short coffee break
11:45 – 12:30 Nimrod Aviram: DROWN: Breaking TLS using SSLv2 (video)
12:30 – 14:00 Lunch
14:00 – 14:45 Tibor Jager: On the Security of TLS-DHE in the Standard Model (video)
14:45 – 15:00 Short coffee break
15:00 – 15:45 Thyla van der Merwe: Automated Analysis of TLS 1.3 (video)
Thyla van der Merwe
Thyla van der Merwe received a BCom in Mathematics, Statistics and Economics, a BSc (Hons) in Mathematics and an MSc in Mathematics from the University of Cape Town, South Africa. She completed an MSc in Information Security at Royal Holloway as a FirstRand Laurie Dippenaar scholar before embarking on a PhD. Prior to starting at Royal Holloway, Thyla spent four years at Tellumat (PTY) Ltd as part of the security team. Thyla has represented South Africa on the ISO/IEC JTC 1 SC 27 standards committee where her activities involved the standardisation of cryptographic mechanisms and protocols. Thyla’s research interests include cryptanalysis of stream ciphers and protocol analysis.
Tibor Jager teaches computer networks and IT-security at Ruhr University Bochum. His research interests include applied and theoretical cryptography, with a focus on practical attacks and countermeasures, and the design and formal analysis of cryptographic protocols, digital signatures, and public-key encryption schemes. He found and reported security weaknesses in and practical attacks on major cryptographic standards and software libraries, including TLS, the W3C XML Encryption standard, and JSON Web Encryption/Web Signature.
Nimrod Aviram received a B.Sc. in Mathematics and Computer Science from Tel Aviv University. He is now a PhD student at The Department of Electrical Engineering at Tel Aviv University. Nimrod’s research interests include various topics in applied cryptography and Internet traffic.Posted by