TLS security - where do we stand?

Kenny Paterson

The TLS protocol has been in the news a lot lately. In this talk, I'll give an overview of the state-of-the-art of TLS security, focusing mostly on the TLS Record Protocol. I'll explain the recent BEAST attack and what its implications are. I'll also talk about a newly discovered vulnerability in TLS 1.2, as well as what we know about positive security aspects of the protocol. If time permits, I'll then discuss DTLS security. The talk will assume knowledge of basic cryptography and networking, but will be self-contained.

Biography: Kenny obtained his BSc (Hons) in 1990 from the University of Glasgow and a PhD from the University of London in 1993, both in mathematics. He was a Royal Society Fellow at the Swiss Federal Institute of Technology, Zurich, from 1993 to 1994, investigating algebraic properties of block ciphers. After that, he was Lloyd's of London Tercentenary Foundation Fellow at the University of London from 1994 to 1996, working on digital signatures. He joined the mathematics group at Hewlett-Packard Laboratories Bristol in November 1996, becoming project manager in 1999. His technical work there involved him in international standards setting, internal consultancy on a wide range of mathematical and cryptographic subjects, and intellectual property generation. In 2001, Kenny re-joined Royal Holloway as a Lecturer, becoming Reader in 2002 and Professor in 2004. In March 2010, Kenny commenced a 5-year research fellowship funded by EPSRC on the topic of "Cryptography: Bridging Theory and Practice". He was Program Chair for Eurocrypt 2011, serves on the editorial board of the Journal of Cryptology, and continues to consult to industry and government. Kenny's research interests span a wide range of topics in theoretical and applied cryptography, and information security.