Dear colleagues,
I am happy to announce the second talk of the NetSec Lecture Series
[1] that is organized by the GI Netsec working group [2]. On May
19th, 5pm (CEST), Jens Hiller from RWTH Aachen will tell a story of
experimentation and centralization: Tracking the deployment of TLS
1.3 on the Web.
----------------------------------------------------
May 19, 5pm (CEST), Jens Hiller (RWTH Aachen)
Join via Zoom: https://tu-berlin.zoom.us/j/63223549564?pwd=SUdRSjcvVzJJeVhielM0UE5pNGhlQT09
*Tracking the deployment of TLS 1.3 on the Web: A
story of experimentation and centralization*
*Abstract:* Transport Layer Security is the most important security
protocol on the Web. Before the standardization of its newest
version TLS 1.3 in August 2018, the protocol was redesigned over
four years in a yet unprecedented design process that involved many
cryptographers and key industry stakeholders. Based on the
combination of active Internet scans, and passive measurements in
large networks and on Android devices, we will look at how large
stakeholders experimented with the protocol in the Internet well
before its standardization. Their experiments uncovered
incompatibilities that influenced the ongoing standardization
process. Also, we will analyze the uptake of this mission-critical
security protocol after its standardization. In contrast to TLS 1.2,
where adoption took more than five years and was prompted by severe
attacks on previous versions, TLS 1.3 is deployed surprisingly
speedily. The design process thus provides valuable information for
future protocol design and deployment.
*CV:* Jens Hiller is Researcher and PhD Student at the Chair of
Communication and Distributed Systems (COMSYS) at RWTH Aachen
University. His research interests revolve around today's prominent
secure communication protocols and security and privacy for the
Internet of Things. He also spent two summer research stays at the
International Computer Science Institute (ICSI) in Berkely analyzing
the security of the Web's Internet Public Key Infrastructure.
----------------------------------------------------
Dates in the NetSec Lecture Series
---------------------------------------------------
*April 21st (English):* Dr. Robin Sommer, Corelight - "Transition
To Practice, They Say: How Two Decades of Security Research
Ultimately Spawned a Silicon Valley Startup"
*May 19th (English):* Jens Hiller, RWTH Aachen - "Tracking the
deployment of TLS 1.3 on the Web: A story of experimentation and
centralization"
*June 15th (English):* Prof. Dr. Andreas Peter, Universität
Oldenburg - "DEEPCASE: Semi-Supervised Contextual Analysis of
Security Events"
*July (German):* Panel "Right to Encryption"
---------------------------------------------------
Best,
The steering committee of the NetSec working group
[1] https://fg-netsec.gi.de/veranstaltung/netsec-lecture-series-tracking-the-deployment-of-tls-13-on-the-web
[2] https://fg-netsec.gi.de/