Seminar: Current Topics in IT Security
- this course in the course catalog
- further material can be found in koaLA
Topics
1) TLS 1.3 and 0-RTT: Novelties, changes, issues
- https://tlswg.github.io/tls13-spec/
- https://github.com/tlswg/tls13-spec/issues/1001
- https://blog.cloudflare.com/introducing-0-rtt/
2) Nonce misuse-resistant encryption: objective, goals, definitions, constructions
3) Same-Origin Policy: Evaluation in Modern Browsers
4) May the Fourth Be With You: A Microarchitectural Side Channel Attack on Several Real-World Applications of Curve25519
5) A Large-Scale Empirical Study of Security Patches
6) Attacks Only Get Better: Password Recovery Attacks Against RC4 in TLS
7) Thou Shalt Not Depend on Me: Analysing the Use of Outdated JavaScript Libraries on the Web
8) Broken Hearted: How To Attack ECG Biometrics
9) Walkie-Talkie: An Efficient Defense Against Passive Website Fingerprinting Attacks
10) Zero-Knowledge Contingent Payments Revisited: Attacks and Payments for Services
11) Be Selfish and Avoid Dilemmas: Fork After Withholding (FAW) Attacks on Bitcoin
12) Better Bounds for Block Cipher Modes of Operation via Nonce-Based Key Derivation
13) Code-reuse attacks for the Web: Breaking Cross-Site Scripting Mitigations via Script Gadgets
14) Measuring small subgroup attacks against Diffie-Hellman
