Abstract:

Cryptographers have proved that the TLS protocol is secure if the random numbers used are indeed truly random. Cryptographic history has shown that this assumption has resulted in many insecure implementations. Despite a constant stream of academic papers describing inadequate random numbers, nothing has been done to remedy the situation.

We present the first analysis of the random public values that TLS exposes from an Internet traffic survey to and from UCSC. We have found devices that offer no security to the users despite using TLS. We categorize the failures and lament the developers’ lack of concern, discuss the issues with implementing the fragile proofs that Cryptologists provide, and provide a replacement key agreement protocol robust to the reality of software development that may not be as perfect as cryptographers think it should be.

Join in person or via Zoom Meeting https://ucsc.zoom.us/j/98501970830?pwd=TDZLNDRSNjlmOTBZSmprWmpnMjJEUT09

Passcode: 489983