参考文献
[1]Fardan N J A,Paterson K G.Lucky Thirteen:Breaking the TLS and DTLS Record Protocols[C]//Proceedings of IEEE Symposium on Security and Privacy.Washington D.C.,USA:IEEE Press,2013:526-540.
[2]Marlinspike M.SSLSNIFF[EB/OL].(2009-12-24).http://www.thoughtcrime.org/software/sslsniff/.
[3]Marlinspike M.More Tricks for Defeating SSL in Practice[EB/OL].(2009-11-24).https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf.
[4]The Heartbleed Bug[EB/OL].(2014-04-29).http://heartbleed.com/.
[5]Kikuchi M.How I Discovered CCS Injection Vulnerabi-lity[EB/OL].(2014-06-05).http://ccsinjection.lepidum.co.jp/blog/2014-06-05/CCS-Injection-en/index.html.
[6]Mller B,Duong T,Kotowicz K.This POODLEBites:Exploiting the SSL 3.0 Fallback[EB/OL].(2014-10-15). https://www.openssl.org/~bodo/ssl-poodle.pdf.
[7]Lawall J,Laurie B,Hansen R R,et al. Finding Error Handling Bugs in OpenSSL Using Coccinelle[C]//Proceedings of 2010 European Dependable Computing Conference.Washington D.C.,USA:IEEE Press,2010:191-196.
[8]Georgiev M,Iyengar S,Jana S,et al.The Most Dangerous Code in the World:Validating SSL Certificates in Non-browser Software[C]//Proceedings of 2012 ACM Con-ference on Computer and Communications Security.New York,USA:ACM
Press,2012:38-49.
[9]Mavrogiannopoulos N,Vercauteren F,Velichkov V,et al.A Cross-protocol Attack on the TLS Protocol[C]//Proceedings of 2012 ACM Conference on Computer and Communications Security.New York,USA:ACM Press,2012:62-72.
[10]Fahl S,Harbach M,Muders T,et al. Why Eve and MalloryLove Android:An Analysis of Android SSL (in)Security[C]//Proceedings of 2012 ACM Conference on Computer and Communications Security.New York,USA:ACM Press,2012:50-61.
[11]张焕国,李春雷,唐明.演化密码对抗差分密码分析能力的研究[J].中国科学:信息科学,2013,43(4):545-554.
[12]韩立东,王小云,许光午.RSA密码系统小CRT解密指数的攻击分析[J].中国科学:信息科学,2011,41(2):173-180.
[13]Frier A,Karlton P,Kocher P.The Secure Sockets Layer(SSL) Protocol Version 3.0[EB/OL].(2015-10-14).https://datatracker.ietf.org/doc/rfc6101/?include_text=1.
[14]Allen C,Dierks T. The TLSProtocol Version 1.0[EB/OL].(2013-03-02).https://datatracker.ietf.org/doc/rfc2246/?include_text=1.
[15]NSS Key Log Format[EB/OL].(2015-11-13).https://deve loper.mozilla.org/enUS/docs/Mozilla/Projects/NSS/Key_Log_Format.
[16]Shahsafi T,Bahrambeigy B,Ahmadi M. Bloom Filter-based IP Traceback on Netfilter Open-source Framework[C]//Proceedings of the 7th Conference on Information and Knowledge Technology. Washington D.C.,USA:IEEE Press,2015:1-6.
[17]Bellare M,Kilian J,Rogaway P. TheSecurity of Cipher Block Chaining[C]//Proceedings of CRYPTO’94. Berlin,Germany:Springer,1994:341-358.
[18]Yadav R K.Man in Middle Attack in SSL and Https[J].International Journal of Computer Science and Mobile Computing,2015,4(5):566-573.
[19]Sultan K,Ruhi U.Overcoming Barriers to Client-side Digital Certificate Adoption[J].International Journal of Computer Science and Information Security,2015,13(8):27-34.
编辑陆燕菲 |