SafeTLS - Securing the Future Internet with TLS 1.3

Home » SafeTLS - Securing the Future Internet with TLS 1.3
Date: 
01/10/2016 to 31/12/2020

Project Description:

TLS/SSL is one of the 3 essential cryptographic protocols used today (together with SSH and IPSec). It is widely used in securing e-commerce, Internet browsing, email, Voice over IP, and in almost every search and connection query made on the Internet today. All Internet browsers, including Internet Explorer, Mozilla Firefox, and Google Chrome, support TLS.
Despite its importance, TLS still presents many security flaws in its conception.

For many years, the complex structure of TLS 1.2 made it nearly impossible to analyze. Later breakthroughs in protocol analysis indicated a partially-sound design [JKS+12], [KPW13], [BFK+14]. However, attacks such as FREAK , LogJam, 3Shake, SKIP, SLOTH, Lucky 13, and DROWN bely such results, and raise concerns over the security of today's Internet use.As a consequence, a new version i.e. TLS 1.3 has recently been drafted.

Our project, SafeTLS, addresses the security of both TLS 1.3 and of TLS 1.2 as they are (expected to be) used, in three important ways:
* A better understanding: We will provide a better understanding of how TLS 1.2 and 1.3 are used in real-world applications.
* Empowering clients: By developing a tool that will show clients the quality of their TLS connection and inform them of potential security and privacy risks.
* Analyzing implementations: We will analyze the soundness of current TLS 1.2 implementations and use automated verification to provide a backbone of a secure TLS 1.3 implementation.

 

Week: 
Wednesday, 12 December, 2018

News

The Commission made a commitment to launch a pilot phase under Horizon 2020 to help bring national cybersecurity centres together into a network.

Future Events

The Annual Computer Security Applications Conference (ACSAC) will be held in San Juan, Puerto Rico on 9-13 December 2019. 

09/12/2019 to 13/12/2019

The one-day Summit on the 13th of January brings together prominent security practitioners for in-depth talks focused on techniques that can be used to successfully identify, contain, and eliminate adversaries targeting your networks. Attendees will gain tools and methods to leverage as soon as they return to work.

The Summit will explore:

13/01/2020 to 19/01/2020