Discussion: Bi-directional authentication in TLS

Add to your list(s) Download to your calendar using vCal

• Steven J. Murdoch (Computer Laboratory, University of Cambridge)
• Friday 19 October 2007, 16:00-16:30
• Computer Laboratory, William Gates Building, Room FW11.

If you have a question about this talk, please contact Steven J. Murdoch.

I am working on designing a new authentication algorithm for Tor, which maintains the bi-directional authentication and confidentiality guarantees, but looks similar to normal encrypted web-browsing. This is to help resist blocking based on Tor’s traffic fingerprint.

Tor needs to now perform a HTTPS -like TLS handshake, where the client authenticates the server, but not vice-versa. Then, within the encrypted tunnel, the server needs to authenticate the client. Two additional constraints are that it needs to work with unmodified OpenSSL and have minimum overhead.

I’ll be discussing some proposals for an improved protocol, and expand on the design constraints. I welcome comments on these ideas, potential flaws and any suggested improvements.

This talk is part of the Computer Laboratory Security Group meeting presentations series.

This talk is included in these lists:

• All Talks (aka the CURE list)
• Computer Laboratory Security Group meeting presentations
• Computer Laboratory talks
• Computer Laboratory, William Gates Building, Room FW11
• Interested Talks
• School of Technology
• Security-related talks
• Trust & Technology Initiative - interesting events
• bld31

Note that ex-directory lists are not shown.