RSA vs ECDSA for DNSSEC
Measuring whether we should use ECDSA.
Tag: measurement
ALPACA attack: Analysing and mitigating cracks in TLS authentication
Guest Post: Study shows adding a TLS-protected email or FTP server to a network can enable cookie-stealing or cross-site scripting attacks against web servers in the same network.
DNS-over-TCP considered vulnerable
Guest Post: There are several ways attackers can force TCP to fragment for inclusion in IP fragmentation attacks.
CCID5: Evaluating BBR for Datagram Congestion Control Protocol
Guest Post: BBR for DCCP reduces latency in multi-path scenarios providing stability to carry TCP streams on top of CCID5 controlled DCCP tunnels.
Mobile phone capabilities are key to improving connectivity in developing economies
Guest Post: Improving network performance has 3x greater effect on high-end phones than low-end phones.
Caching is key to interpreting root DNS anycast performance
Guest Post: Context is everything when it comes to assessing anycast.
Can the DNS support encryption without enabling centralization?
Guest Post: Study shows clients can distribute DNS queries across a set of popular recursive resolvers without performance degradation.
The relevance of heavy hitters and the rise of big-fast flows
Guest Post: Eleven-year study characterizes the rise of heavy hitters and big-fast TCP flows.
Weaponizing middleboxes for TCP reflected amplification
Guest Post: Researchers show how middleboxes and censorship infrastructure can be abused to launch reflected DoS amplification attacks over TCP.
Who emailed who? Institutional privacy risks in the DNS
Guest Post: Institutions that run their own recursive resolvers and route from their own AS are most susceptible to privacy risks.