Mazen Juma, Azza Abdel Monem, Khaled Shaalan,
... End-to-End VPN approach. IPSec/IPv6 and OpenSSL are the most common VPN approaches used separately ... approach achieved by combining the IPSec/IPv6 and OpenSSL security approaches that can secure smart IoT objects ... complementary advantages of IPSec/IPv6 VPN approach and OpenSSL VPN approach and eliminates their shortcomings. Performance evaluation ... the performance of both IPSec/IPv6 VPN and OpenSSL VPN approaches assessed in terms of a group ... acceptance levels compared to IPSec/IPv6 VPN, and OpenSSL VPN approaches.
Tópico(s): Advanced Malware Detection Techniques
2020 - Elsevier BV | Journal of Network and Computer Applications
... of the random number generator (RNG) in the OpenSSL cryptographic library. We show how OpenSSL's RNG, knowingly in a low entropy state, ... cryptographic functionality of the RNG, we show how OpenSSL's functionality for adding entropy to the RNG ... time and rely on subsequent reseeding of the OpenSSL RNG. Furthermore, we identify a design flaw that ...
Tópico(s): Advanced Malware Detection Techniques
2016 - Springer Science+Business Media | Lecture notes in computer science
... Debian Linux (CVE-2008-0166) pseudorandom generator with OpenSSL 0.9.8c-1. Based on experimental results, ... Linux (CVE-2008-0166) pseudorandom generator based on OpenSSL 0.9.8c-1 is flawed and the ... of LIL based testing techniques.Comprehensive documentation of OpenSSL pseudorandom generators and entropy collection process.Based on ... documentation, identification of potential attacks and flaws on OpenSSL pseudorandom generators.
Tópico(s): Digital Media Forensic Detection
2015 - Elsevier BV | Computers & Security
Onur Acıiçmez, Werner Schindler,
... can completely break RSA in the original unpatched OpenSSL version (v.0.9.8e) even if the ... process that was embedded in the target process (OpenSSL), which clearly facilitates the experimental part. This simplification ... we published our result [1] we informed the OpenSSL development team who included a patch into the ... version 0.9.8f. We have only analyzed OpenSSL, thus we currently do not know the strength ...
Tópico(s): Advanced Malware Detection Techniques
2008 - Springer Science+Business Media | Lecture notes in computer science
... For a comparison baseline, we use the current OpenSSL version, 1.0.0e. Our implementation—called "RSAZ"—is more than 1.6 times faster than OpenSSL for both 1,024 and 2,048-bit ... Core™ processors. The RSAZ code was contributed to OpenSSL as a patch, and improvements proposed in an ... paper have already been incorporated into the future OpenSSL version.
Tópico(s): Cryptographic Implementations and Security
2012 - Springer Science+Business Media | Journal of Cryptographic Engineering
Vishnu P. Nambiar, M. Khalil Hani, Muhammad Mun’im Ahmad Zabidi,
... there are freely available solutions such as the OpenSSL library, the performance of most embedded processors, on ... The RTOS applied is uClinux, on which the OpenSSL library has been ported and cross-compiled. Experimental ... hardware acceleration can improve, significantly, the performance of OpenSSL crypto functions and hence, of the SSL connection ...
Tópico(s): Security and Verification in Computing
2009 - Inderscience Publishers | International Journal of Information and Communication Technology
... specifically cache-timing attacks, remain unpatched in the OpenSSL code base since the first attack in 2009 ( ... on the integration of the GLV method in OpenSSL for curves from 160 to 256 bits, as ... curves are now the fastest elliptic curves in OpenSSL for these bit sizes.
Tópico(s): Security and Verification in Computing
2015 - Springer Science+Business Media | Lecture notes in computer science
... modular exponentiation. This implementation is seamlessly integrated into OpenSSL, by patching over OpenSSL 1.0.1. Our results show that our implementation requires 51% less instructions than the current OpenSSL 1.0.1 implementation. This illustrates the potential ...
Tópico(s): Coding theory and cryptography
2012 - Springer Science+Business Media | Lecture notes in computer science
Chihiro Tomita, Makoto Takita, Kazuhide Fukushima, Yuto Nakano, Yoshiaki Shiraishi, Masakatu Morii,
... Rivest-Shamir-Adleman (RSA) secret keys used in OpenSSL under realistic parameters and environments has not been ... propose a method that uses RAMBleed to obtain OpenSSL secret keys and demonstrate its efficacy using the ... the operation of an Apache server that uses OpenSSL, the RSA private keys are deployed on DRAM ... of attacks incorporating RAMBleed and eventually retrieved the OpenSSL RSA private key, indicating that secret information is ... that RAMBleed is also a major threat to OpenSSL.
Tópico(s): Cryptography and Data Security
2022 - Multidisciplinary Digital Publishing Institute | Sensors
Quang Loc Le, Azalea Raad, Jules Villard, Josh Berdine, Derek Dreyer, Peter W. O’Hearn,
... we have found 15 new real bugs in OpenSSL, which we have reported to OpenSSL maintainers and have since been fixed. In order ...
Tópico(s): Software Reliability and Analysis Research
2022 - Association for Computing Machinery | Proceedings of the ACM on Programming Languages
Hao Sun, Lei Cui, Lun Li, Zhenquan Ding, Zhiyu Hao, Jiancong Cui, Peng Liu,
... data set of 876 vulnerabilities and patches of OpenSSL and Linux, the proposed model (VDSimilar) achieves about 97.17% in AUC value of OpenSSL (where the Attention network contributes 1.21% than ...
Tópico(s): Web Application Security Vulnerabilities
2021 - Elsevier BV | Computers & Security
... SHA256, LSH256, and LSH512 respectively; and also outperform OpenSSL implementation by 39.59% using SHA512. In addition, ... respectively; and our PBKDF2-HMAC-SHA512 implementation outperforms OpenSSL implementation by 523.57%. With our proposed implementation ...
Tópico(s): Coding theory and cryptography
2021 - Institute of Electrical and Electronics Engineers | IEEE Access
Nir Drucker, Shay Gueron, Dušan Kostić,
... used NTL library, and $$55.5{\times }$$ over OpenSSL. We achieve additional speedups by leveraging the latest ... times }$$ over NTL and $$96.8{\times }$$ over OpenSSL. With this, BIKE-2 becomes a competitive variant ...
Tópico(s): Coding theory and cryptography
2020 - Springer Science+Business Media | Lecture notes in computer science
Steven D. Galbraith⋆, Jake Massimo, Kenneth G. Paterson,
... an example with 1024-bit p which passes OpenSSL's Diffie-Hellman validation procedure with probability $$2^{-24}$$ (for versions of OpenSSL prior to 1.1.0i). Here, the largest ...
Tópico(s): Coding theory and cryptography
2019 - Springer Science+Business Media | Lecture notes in computer science
Alejandro Cabrera Aldaya, Cesar Pereida García, Luis Manuel Álvarez Tapia, Billy Bob Brumley,
... security requirement for real-world libraries. Most of OpenSSL’s constant-time code paths are driven by ... insecure code path traversal. Applying our methodology to OpenSSL, we identify three new code paths during RSA ...
Tópico(s): Physical Unclonable Functions (PUFs) and Hardware Security
2019 - | IACR Transactions on Cryptographic Hardware and Embedded Systems
Congxi Song, Bo Yu, Xu Zhou, Qiang Yang,
... three protocol implementations, i.e., Proftpd, Oftpd, and OpenSSL, which are three-granularity coverages specifically function, basic ... program. We further triggered CVE-2015-0291 in OpenSSL 1.0.2 with the SPFuzz, which proves ...
Tópico(s): Software Engineering Research
2019 - Institute of Electrical and Electronics Engineers | IEEE Access
Fabrizio Biondi, Michael A. Enescu, Annelie Heuser, Axel Legay, Kuldeep S. Meel, Jean Quilbeuf,
... program analysis scales to large codebases like the OpenSSL project, the formulas produced are too complex for ... can evaluate the leakage incurred by the Heartbleed OpenSSL bug, contrarily to the state of the art.
Tópico(s): Advanced Malware Detection Techniques
2017 - Springer Science+Business Media | Lecture notes in computer science
Yuval Yarom, Daniel Genkin, Nadia Heninger,
... implementation used in the modular exponentiation routine in OpenSSL version 1.0.2f. Our attack exploits cache- ...
Tópico(s): Advanced Malware Detection Techniques
2016 - Springer Science+Business Media | Lecture notes in computer science
Ján Ďurech, Mária Franeková, Peter Holečko, Emília Bubeníková,
... Modeler tool extended by the implementation of the OpenSSL library for authentication protocol realisation based on digital ... schemes and the number of mobile nodes.The OpenSSL library has also been utilised for the comparison ...
Tópico(s): Real-Time Systems Scheduling
2016 - VSB – Technical University of Ostrava | Advances in Electrical and Electronic Engineering
Gorka Irazoqui, Mehmet Sinan İnci, Thomas Eisenbarth, Berk Sunar,
... recover the keys of an AES implementation of OpenSSL 1.0.1 running inside the victim VM. ... that there is a great security risk to OpenSSL AES implementation running on VMware cloud services when ...
Tópico(s): Advanced Malware Detection Techniques
2014 - Springer Science+Business Media | Lecture notes in computer science
... P- $$256$$ , that can be seamlessly integrated into OpenSSL. This accelerates Perfect Forward Secrecy TLS handshakes that ... ECDSA sign is $$2.33\times $$ faster than OpenSSL's implementation.
Tópico(s): Cryptographic Implementations and Security
2014 - Springer Science+Business Media | Journal of Cryptographic Engineering
The OpenSSL software package is around 300,000 lines of code, which means there are probably around 299 bugs ...
Tópico(s): Mobile Agent-Based Network Management
2014 - Association for Computing Machinery | Queue
Aly Hassan, Mohammed ElGayyar,
... In 2005, Bernstein [6] has successfully attacked the OpenSSL AES implementation on a Pentium III processor and ... successfully attacked the AES implemented in the latest OpenSSL release 1.0.1c using the most recent ...
Tópico(s): Advanced Malware Detection Techniques
2013 - Springer Science+Business Media | Lecture notes in computer science
Billy Bob Brumley, Manuel Barbosa, Daniel Page, Fréderik Vercauteren,
We analyse and exploit implementation features in OpenSSL version 0.9.8g which permit an attack against ECDH-based functionality. The attack, although more general, can recover the entire (static) private ... formal verification to augment existing test strategies for OpenSSL-like software should be deemed a worthwhile, long- ...
Tópico(s): Advanced Malware Detection Techniques
2012 - Springer Science+Business Media | Lecture notes in computer science
Johannes Gilger, Johannes Barnickel, Ulrike Meyer,
... CUDA and OpenCL in the form of an OpenSSL cryptographic engine. We show common techniques to implement ...
Tópico(s): Coding theory and cryptography
2012 - Springer Science+Business Media | Lecture notes in computer science
... by a factor of 3.42x compared to OpenSSL (1.0.1), and by 2.25x compared ... Byte, which is almost 3 times faster than OpenSSL (1.0.1) under the same conditions. These ...
Tópico(s): Advanced Data Storage Technologies
2012 - Scientific Research Publishing | Journal of Information Security
... bug has been found in the widely deployed OpenSSL client; our case study shows that our monitor ... the protocol runs otherwise allowed by the faulty OpenSSL client. Moreover, our monitoring approach allowed us to ...
Tópico(s): Access Control and Trust
2010 - Springer Science+Business Media | Lecture notes in computer science
A patch to the OpenSSL package maintained by Debian GNU/Linux (an operating system composed of free and open source software that can be used ... the author examines these issue and its consequences. OpenSSL is an open source library implementing the SSL ( ...
Tópico(s): Chaos-based Image/Signal Encryption
2008 - Institute of Electrical and Electronics Engineers | IEEE Security & Privacy
... systems. Specifically, we devise a timing attack against OpenSSL. Our experiments show that we can extract private keys from an OpenSSL-based web server running on a machine in ...
Tópico(s): Advanced Malware Detection Techniques
2005 - Elsevier BV | Computer Networks
Gitae Park, Hyo-Joon Han, Jaehwoon Lee,
... 적용을 제안하고 있다. 본 논문에서는 LEA알고리즘을 구현하고 이를 OpenSSL 상에 적용 하였다. 그 결과 구현된 알고리즘은 AES ... Lightweight Encryption Algorithm) algorithm and apply it to OpenSSL. The implemented algorithm is compared with other symmetric ...
Tópico(s): Chaos-based Image/Signal Encryption
2014 - THE KOREAN INSTITUTE OF COMMUNICATIONS AND INFORMATION SCIENCES (KICS) | The Journal of Korean Institute of Communications and Information Sciences