The 1st BIU Security Day – The Current Status of TLS Security

May 2, 2016

TLS (previously SSL) is the cornerstone of Internet security. It protects Internet traffic, enabling users to authenticate securely, send credit card numbers, and more. Although a well-established protocol, SSL/TLS has been plagued with security flaws, many of them very sophisticated and technically fascinating. On May 2nd, the BIU Center of Research in Applied Cryptography and Cyber Security will hold a symposium on the current status of TLS security. The symposium will include an overview of TLS security, talks on some of the recent attacks, and talks on proving TLS security. Two of the talks will focus on TLS 1.3; the new version of TLS that is now being finalized.

Participants from academia, industry and anyone interested in TLS Security are all welcome.


Click here to view photo gallery

Click here to view photo gallery

Nimrod Aviram, Tel-Aviv University

Tibor Jager, Ruhr University Bochum

Thyla van der Merwe, Royal Holloway

All speakers will be presenting their work on TLS security. Tibor and Thyla are well known experts on TLS security, each having carried out considerable research on the topic.

Where: Wohl Center, Bar-Ilan University

Registration:  Participation is free but registration is required. Please register by April 28, 2016 at:


09:00 – 09:25   Coffee and refreshments

09:25 – 09:30    Opening remarks

09:30 – 10:15    Thyla van der Merwe: TLS: Past, Present, Future (video)

10:15 – 10:45     Coffee break

10:45 – 11:30     Tibor Jager: On the Security of TLS 1.3 and QUIC Against Weaknesses in PKCS#1 v1.5 Encryption (video)

11:30 – 11:45     Short coffee break

11:45 – 12:30     Nimrod Aviram: DROWN: Breaking TLS using SSLv2 (video)

12:30 – 14:00    Lunch

14:00 – 14:45    Tibor Jager: On the Security of TLS-DHE in the Standard Model (video)

14:45 – 15:00    Short coffee break

15:00 – 15:45    Thyla van der Merwe: Automated Analysis of TLS 1.3 (video)


Speaker Biographies

Thyla van der Merwe

Thyla van der Merwe received a BCom in Mathematics, Statistics and Economics, a BSc (Hons) in Mathematics and an MSc in Mathematics from the University of Cape Town, South Africa. She completed an MSc in Information Security at Royal Holloway as a FirstRand Laurie Dippenaar scholar before embarking on a PhD. Prior to starting at Royal Holloway, Thyla spent four years at Tellumat (PTY) Ltd as part of the security team. Thyla has represented South Africa on the ISO/IEC JTC 1 SC 27 standards committee where her activities involved the standardisation of cryptographic mechanisms and protocols. Thyla’s research interests include cryptanalysis of stream ciphers and protocol analysis.


Tibor Jager

Tibor Jager teaches computer networks and IT-security at Ruhr University Bochum. His research interests include applied and theoretical cryptography, with a focus on practical attacks and countermeasures, and the design and formal analysis of cryptographic protocols, digital signatures, and public-key encryption schemes. He found and reported security weaknesses in and practical attacks on major cryptographic standards and software libraries, including TLS, the W3C XML Encryption standard, and JSON Web Encryption/Web Signature.


Nimrod Aviram

Nimrod Aviram received a B.Sc. in Mathematics and Computer Science from Tel Aviv University. He is now a PhD student at The Department of Electrical Engineering at Tel Aviv University. Nimrod’s research interests include various topics in applied cryptography and Internet traffic.

Posted by