2 {\hyperref{http://stackexchange.com/}{}{}{Proceedings}
3 \hyperref{http://stackexchange.com/}{}{}{of}
4 \hyperref{http://stackexchange.com/}{}{}{Symposia}
5 \hyperref{http://stackexchange.com/}{}{}{in}
6 \hyperref{http://stackexchange.com/}{}{}{Applied}
7 \hyperref{http://stackexchange.com/}{}{}{Mathematics}}
10 {\hyperref{https://polarssl.org/}{}{}{PolarSSL}}
12 @string {I_Stackexchange =
13 {\hyperref{http://stackexchange.com/}{}{}{Stackexchange}
14 \hyperref{http://stackexchange.com/}{}{}{Q\&A}
15 \hyperref{http://stackexchange.com/}{}{}{Site}}
17 @string {I_Wikipedia =
18 {\hyperref{https://wikipedia.org/}{}{}{Wikipedia}}
21 {\hyperref{http://mathworld.wolfram.com/}{}{}{Wolfram}
22 \hyperref{http://mathworld.wolfram.com/}{}{}{Research}
23 \hyperref{http://mathworld.wolfram.com/}{}{}{Mathworld}}
26 {\hyperref{https://tomacs.acm.org/}{}{}{ACM}
27 \hyperref{https://tomacs.acm.org/}{}{}{Transactions}
28 \hyperref{https://tomacs.acm.org/}{}{}{on}
29 \hyperref{https://tomacs.acm.org/}{}{}{Modeling}
30 \hyperref{https://tomacs.acm.org/}{}{}{and}
31 \hyperref{https://tomacs.acm.org/}{}{}{Computer}
32 \hyperref{https://tomacs.acm.org/}{}{}{Simulation}}
36 {\hyperref{http://web.mit.edu/}{}{}{MIT}}
40 {\hyperref{https://www.ietf.org/}{}{}{IETF}}
44 {\hyperref{http://www.oracle.com/}{}{}{Oracle}}
48 {\hyperref{https://www.gnu.org/}{}{}{GNU}}
52 {\hyperref{https://blackhat.com}{}{}{Blackhat}
53 \hyperref{https://blackhat.com}{}{}{USA}}
56 @inproceedings{HDWH12,
57 author = {Nadia Heninger and Zakir Durumeric and Eric Wustrow
58 and J. Alex Halderman},
59 title = {Mining Your {P}s and {Q}s: {D}etection of Widespread Weak Keys
61 booktitle = {Proceedings of the 21st {USENIX} Security Symposium},
64 url = {https://factorable.net/weakkeys12.extended.pdf},
67 @techreport{Wikipedia:/dev/random,
68 key = {Wikipedia:/dev/random},
69 title = {/dev/random},
70 institution = I_Wikipedia,
74 url = {https://en.wikipedia.org/wiki/dev/random},
75 note = {Accessed 2013-12-06},
79 author = {A. Seznec and N. Sendrier},
80 title = {{HAVEGE}: a user-level software heuristic for generating
81 empirically strong random numbers},
88 url = {http://www.irisa.fr/caps/projects/hipsor/scripts/down.php?id=13781296&ext=.pdf},
92 author = {Jakob Engblom},
93 title = {Evaluating {HAVEGE} Randomness},
96 type = {Blog: Observations from Uppsala},
97 url = {http://jakob.engbloms.se/archives/1374},
102 title = {Weak random number generation within virtualized
104 institution = I_PolarSSL,
107 type = {Security Advisory},
109 url = {https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2011-02},
114 title = {haveged -- A simple entropy daemon},
117 type = {Software Homepage},
118 url = {http://www.issihosts.com/haveged/},
119 note = {Accessed 2013-12-06},
124 title = {haveged -- A simple entropy daemon: Runtime Testing},
127 type = {Technical Background},
128 url = {http://www.issihosts.com/haveged/},
129 note = {Accessed 2013-12-06},
132 @book{katz2008introduction,
133 title={Introduction to modern cryptography},
134 author={Katz, J. and Lindell, Y.},
135 isbn={9781584885511},
137 series={Chapman and Hall/CRC Cryptography and Network Security Series},
138 url={http://books.google.at/books?id=WIc\_AQAAIAAJ},
140 publisher={Chapman \& Hall/CRC}
145 title = {SafeCurves: choosing safe curves for elliptic-curve cryptography},
148 type = {Technical Background},
149 url = {http://safecurves.cr.yp.to/rigid.html},
150 note = {Accessed 2013-12-09},
153 @techreport{Wikipedia:ExportCipher,
154 key = {Wikipedia:ExportCipher},
155 title = {Export of cryptography in the {U}nited {S}tates},
156 institution = I_Wikipedia,
160 url = {https://en.wikipedia.org/wiki/Export_of_cryptography_in_the_United_States},
161 note = {Accessed 2013-12-09},
164 @article{ii2011ecrypt,
166 author = {II, ECRYPT and SYM, D},
168 url = {http://www.ecrypt.eu.org/documents/D.SPA.20.pdf},
172 @techreport{Wikipedia:Tempest,
173 key = {Wikipedia:Tempest},
174 title = {Tempest (codename)},
175 institution = I_Wikipedia,
179 url = {https://en.wikipedia.org/wiki/Tempest_(codename)},
180 note = {Accessed 2013-12-12},
183 @techreport{Wikipedia:Discrete,
184 key = {Wikipedia:Discrete},
185 title = {Discrete logarithm},
186 institution = I_Wikipedia,
190 url = {https://en.wikipedia.org/wiki/Discrete_logarithm},
191 note = {Accessed 2013-12-12},
194 @techreport{Wikipedia:Certificate,
195 key = {Wikipedia:Certificate},
196 title = {Certificate Policy},
197 institution = I_Wikipedia,
201 url = {https://en.wikipedia.org/wiki/Certificate_Policy},
202 note = {Accessed 2013-12-12},
206 author = {Bruce Schneier},
207 title = {The {NSA} Is Breaking Most Encryption on the Internet},
210 type = {Blog: Schneier on Security},
211 url = {https://www.schneier.com/blog/archives/2013/09/the_nsa_is_brea.html},
215 author = {Bruce Schneier},
216 title = {The {NSA} Is Breaking Most Encryption on the Internet},
219 type = {Answer to Blog Comment},
220 url = {https://www.schneier.com/blog/archives/2013/09/the_nsa_is_brea.html\#c1675929},
224 author = {D. J. Bernstein and Tanja Lange},
225 title = {Security dangers of the {NIST} curves},
228 type = {Presentation slides},
229 url = {http://cr.yp.to/talks/2013.09.16/slides-djb-20130916-a4.pdf},
234 title = {Should we trust the {NIST}-recommended {ECC} parameters?},
237 type = {Stackexchange Question},
238 institution = I_Stackexchange,
239 url = {http://crypto.stackexchange.com/questions/10263/should-we-trust-the-nist-recommended-ecc-parameters},
242 @inproceedings{McC90,
243 author = {Kevin S. McCurley},
244 title = {The Discrete Logarithm Problem},
245 booktitle = {Cryptology and Computational Number Theory, } # J_AM,
249 url = {http://www.mccurley.org/papers/dlog.pdf},
253 key = {Wolfram Research, Mathworld},
254 title = {Elliptic Curve},
257 type = {Math Dictionary Entry},
258 institution = I_Wolfram,
259 url = {http://mathworld.wolfram.com/EllipticCurve.html},
260 note = {Accessed 2013-12-12},
263 @misc{yarom2013flush+,
264 title = {Flush+ Reload: a high resolution, low noise, L3 cache side-channel attack},
265 author = {Yarom, Yuval and Falkner, Katrina},
267 publisher = {Cryptology ePrint Archive, Report 2013/448, 2013. http://eprint. iacr. org/2013/448/. 3},
268 url = {http://eprint.iacr.org/2013/448.pdf}
272 title = {BSI TR-02102 Kryptographische Verfahren},
273 author = {Bundesamt für Sicherheit in der Informationstechnik (BSI)},
276 url = {https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR02102/BSI-TR-02102_pdf}
279 @techreport{ENISA2013,
280 title = {ENISA - Algorithms, Key Sizes and Parameters Report},
281 author = {{ENISA and Vincent Rijmen, Nigel P. Smart, Bogdan warinschi, Gaven Watson}},
284 url = {http://www.enisa.europa.eu/activities/identity-and-trust/library/deliverables/algorithms-key-sizes-and-parameters-report},
287 @book{anderson2008security,
288 title = {Security engineering},
289 author = {Anderson, Ross},
291 publisher = {Wiley.com},
292 url = {http://www.cl.cam.ac.uk/~rja14/book.html},
295 @misc{tschofenig-webpki,
296 author = {{H. Tschofenig and E. Lear}},
297 title = {{Evolving the Web Public Key Infrastructure}},
298 howpublished = {\url{https://tools.ietf.org/html/draft-tschofenig-iab-webpki-evolution-01.txt}},
303 @misc{diginotar-hack,
304 author = {{Elinor Mills}},
305 title = {{Fraudulent Google certificate points to Internet attack}},
306 howpublished = {\url{http://news.cnet.com/8301-27080\_3-20098894-245/fraudulent-google-certificate-points-to-internet-attack/}},
312 author = {{Damon Poeter}},
313 title = {{Fake Google Certificate Puts Gmail at Risk}},
314 howpublished = {\url{http://www.pcmag.com/article2/0,2817,2392063,00.asp}},
319 @misc{draft-ietf-websec-key-pinning,
320 author = {{C. Evans and C. Palmer}},
321 title = {{Public Key Pinning Extension for HTTP}},
322 howpublished = {\url{https://tools.ietf.org/html/draft-ietf-websec-key-pinning-09}},
328 author = {{Adam Langley, et. al.}},
329 title = {{Go X.509 Verification Source Code}},
330 howpublished = {\url{https://code.google.com/p/go/source/browse/src/pkg/crypto/x509/verify.go#173}},
335 @misc{certtransparency,
336 author = {{Adam Langley, Ben Laurie, Emilia Kasper}},
337 title = {{Certificate Transparency}},
338 howpublished = "\url{http://www.certificate-transparency.org}
339 \url{https://datatracker.ietf.org/doc/rfc6962/}",
344 @misc{snowdenGuardianGreenwald,
345 author = {{Glenn Greenwald}},
346 title = {{Edward Snowden: NSA whistleblower answers reader questions}},
347 howpublished = "\url{http://www.theguardian.com/world/2013/jun/17/edward-snowden-nsa-files-whistleblower},
348 \url{http://www.theguardian.com/world/2013/jun/17/edward-snowden-nsa-files-whistleblower}",
354 @InProceedings{https13,
355 author = {Zakir Durumeric and James Kasten and Michael Bailey and J. Alex Halderman},
356 title = {Analysis of the {HTTPS} Certificate Ecosystem},
357 booktitle = {Proceedings of the 13th Internet Measurement Conference},
360 url = {https://jhalderm.com/pub/papers/https-imc13.pdf},
363 @techreport{Wikipedia:TinyCA,
364 key = {Wikipedia:TinyCA},
366 institution = I_Wikipedia,
370 url = {https://en.wikipedia.org/wiki/TinyCA},
371 note = {Accessed 2013-12-24},
374 @techreport{MITKrbDoc:realm_config,
375 key = {MITKrbDoc:realm_config},
376 title = {Realm configuration decisions},
379 type = {Documentation},
380 url = {http://web.mit.edu/kerberos/krb5-latest/doc/admin/realm_config.html},
383 @techreport{IETF:cat-krb-dns-locate-02,
384 key = {IETF:cat-krb-dns-locate-02},
385 title = {Distributing Kerberos KDC and Realm Information with DNS},
386 institution = I_IETF,
389 author = {Ken Hornstein and Jeffrey Altman},
390 type = {Internet Draft},
391 url = {https://www.ietf.org/proceedings/48/I-D/cat-krb-dns-locate-02.txt},
396 title = {Kerberos 5 Release 1.9},
400 type = {Release Notes},
401 url = {http://web.mit.edu/kerberos/krb5-1.9/},
404 @techreport{JavaJGSS,
406 title = {Java Generic Security Services: (Java GSS) and Kerberos},
407 institution = I_ORACLE,
408 type = {Documentation},
409 url = {http://docs.oracle.com/javase/7/docs/technotes/guides/security/jgss/jgss-features.html},
412 @techreport{ShishiEnctypes,
413 key = {ShishiEnctypes},
414 title = {GNU Shishi 1.0.2},
416 type = {Documentation},
417 url = {https://www.gnu.org/software/shishi/manual/shishi.html\#Cryptographic-Overview},
420 @techreport{AttKerbDepl,
422 author = {Rachel Engel and Brad Hill and Scott Stender},
423 title = {Attacking Kerberos Deployments},
424 journal = I_BLACKHAT,
427 url = {https://media.blackhat.com/bh-us-10/presentations/Stender_Engel_Hill/BlackHat-USA-2010-Stender-Engel-Hill-Attacking-Kerberos-Deployments-slides.pdf},