Monday 12 July 2021
We are thrilled to report that two papers by DACS researchers have been selected for presentation in SIGCOMM 2021's "Best of CCR" session. Instituted in 2012, the SIGCOMM Best of CCR session features a highly selective set of papers published in SIGCOMM's Computer Communication Review (CCR). The papers in this session have been picked by the CCR editorial board as representing the best papers published in CCR in the preceding year (2020).
The two selected papers are:
- Tracking the deployment of TLS 1.3 on the Web: A story of experimentation and centralization
This paper tracks the deployment of the latest version of the Transport Layer Security protocol (TLS), version 1.3. Not only does this paper find that deployment of TLS 1.3 is proceeding much faster than the deployment of its predecessor, TLS 1.2, the paper also shows the role big tech companies such as Cloudflare, Facebook, and Google play in this deployment. To this end, it gives evidence of much experimentation on the platforms and in the browsers that these companies control, and it demonstrates how the increasing centralization of Internet services allows big tech companies to influence and push the adoption of new standards.
The paper appeared in the July 2020 edition of CCR and was written by DACS’s Ralph Holz (as first author), together with Jens Hiller, Johanna Amann, Abbas Razaghpanah, Thomas Jost, Narseo Vallina-Rodriguez, and Oliver Hohlfeld. It can be downloaded here: https://ralphholz.science/publications/TrackingTheDeploymentOfTls13OnTheWebAStoryOfExperimentationAndCentralization.pdf - Retrofitting Post-Quantum Cryptography in Internet Protocols: A Case Study of DNSSEC
Quantum computing threatens to break the security of existing public key algorithms, which can have far-reaching consequences for Internet protocols. To remedy this, the cryptographic community is working hard on the development of quantum-safe public key algorithms, colloquially referred to as “Post-Quantum Cryptography” (PQC). The US National Institute for Standards and Technology (NIST) plays a major role in this process, by running a competition challenging researchers to come up with secure PQC algorithms. The paper studies which of the candidate algorithms selected by NIST might be suitable for use in DNSSEC, the secure version of the Domain Name System (DNS). The paper shows that, in contrast to other Internet protocols such as TLS, there are no clear drop-in PQC algorithms for DNSSEC, due to unfavourable properties of the candidate algorithms in the NIST competition. The paper also shows how certain changes to the DNSSEC protocol could remedy this in the future. Given the importance of the DNS for the Internet and given the time it takes to standardize protocol changes, this paper makes a timely and important first effort in helping prepare the DNS for a future in which quantum computers can break our current cryptographic protocols.
The paper appeared in the October 2020 edition of CCR and was written by DACS’s Moritz Müller (as first author), together with Jins de Jong, Maran van Heesch, Benno Overeinder, and DACS’s Roland van Rijswijk-Deij. The paper can be found here: https://www.sidnlabs.nl/downloads/7qGFW0DiOkov0vWyDK9qaK/de709198ac34477797b381f146639e27/Retrofitting_Post-Quantum_Cryptography_in_Internet_Protocols.pdf
We would like to congratulate Ralph, Moritz and Roland on their achievement!
