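% Series name appended to the booktitle of McC90. Every word was wrapped in a
% \hyperref pointing at stackexchange.com (apparently copied from
% I_Stackexchange), so the rendered series name linked to an unrelated site.
% The wrong link is dropped and the name kept as plain text.
@string{J_AM = {Proceedings of Symposia in Applied Mathematics}}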
% Institution and journal macros. Each word carries its own \hyperref to the
% same target, presumably so that a linked multi-word name can still break
% across lines. Several targets are plain http; switch them to https where the
% site supports it.
@string{I_PolarSSL = {\hyperref{https://polarssl.org/}{}{}{PolarSSL}}}

@string{I_Stackexchange = {
  \hyperref{http://stackexchange.com/}{}{}{Stackexchange}
  \hyperref{http://stackexchange.com/}{}{}{Q\&A}
  \hyperref{http://stackexchange.com/}{}{}{Site}}}

@string{I_Wikipedia = {\hyperref{https://wikipedia.org/}{}{}{Wikipedia}}}

@string{I_Wolfram = {
  \hyperref{http://mathworld.wolfram.com/}{}{}{Wolfram}
  \hyperref{http://mathworld.wolfram.com/}{}{}{Research}
  \hyperref{http://mathworld.wolfram.com/}{}{}{Mathworld}}}

@string{J_TOMACS = {
  \hyperref{https://tomacs.acm.org/}{}{}{ACM}
  \hyperref{https://tomacs.acm.org/}{}{}{Transactions}
  \hyperref{https://tomacs.acm.org/}{}{}{on}
  \hyperref{https://tomacs.acm.org/}{}{}{Modeling}
  \hyperref{https://tomacs.acm.org/}{}{}{and}
  \hyperref{https://tomacs.acm.org/}{}{}{Computer}
  \hyperref{https://tomacs.acm.org/}{}{}{Simulation}}}

@string{I_MIT = {\hyperref{http://web.mit.edu/}{}{}{MIT}}}

@string{I_IETF = {\hyperref{https://www.ietf.org/}{}{}{IETF}}}

@string{I_ORACLE = {\hyperref{http://www.oracle.com/}{}{}{Oracle}}}

@string{I_GNU = {\hyperref{https://www.gnu.org/}{}{}{GNU}}}

@string{I_BLACKHAT = {
  \hyperref{https://blackhat.com}{}{}{Blackhat}
  \hyperref{https://blackhat.com}{}{}{USA}}}
% Heninger, Durumeric, Wustrow and Halderman: detection of widespread weak
% keys in network devices (USENIX Security 2012).
@inproceedings{HDWH12,
  author    = {Heninger, Nadia and Durumeric, Zakir and Wustrow, Eric
               and Halderman, J. Alex},
  title     = {Mining Your {Ps} and {Qs}: {Detection} of Widespread Weak Keys
               in Network Devices},
  booktitle = {Proceedings of the 21st {USENIX} Security Symposium},
  year      = {2012},
  month     = aug,
  url       = {https://factorable.net/weakkeys12.extended.pdf},
}
% Wikipedia article on /dev/random. The note records the access date because
% the article text can change after it was cited.
@techreport{Wikipedia:/dev/random,
  key         = {Wikipedia:/dev/random},
  title       = {/dev/random},
  institution = I_Wikipedia,
  type        = {Wikipedia},
  year        = {2013},
  month       = dec,
  url         = {https://en.wikipedia.org/wiki/dev/random},
  note        = {Accessed 2013-12-06},
}
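% Seznec and Sendrier: the HAVEGE user-level entropy heuristic
% (ACM TOMACS 13(4), 2003). The page range now uses the double hyphen that
% BibTeX styles expect for ranges; names are in unambiguous "Last, First" form.
@article{SS03,
  author  = {Seznec, A. and Sendrier, N.},
  title   = {{HAVEGE}: a user-level software heuristic for generating
             empirically strong random numbers},
  journal = J_TOMACS,
  year    = {2003},
  month   = oct,
  volume  = {13},
  number  = {4},
  pages   = {334--346},
  url     = {http://www.irisa.fr/caps/projects/hipsor/scripts/down.php?id=13781296&ext=.pdf},
}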
% Blog post by Jakob Engblom evaluating the randomness produced by HAVEGE.
% NOTE(review): a techreport entry normally needs an institution field; none
% is given here, so standard styles will warn.
@techreport{Eng11,
  author = {Engblom, Jakob},
  title  = {Evaluating {HAVEGE} Randomness},
  type   = {Blog: Observations from Uppsala},
  year   = {2011},
  month  = feb,
  url    = {http://jakob.engbloms.se/archives/1374},
}
% PolarSSL Security Advisory 2011-02: weak random number generation inside
% virtualized environments. There is no author, so key supplies the sort and
% label text.
@techreport{POL11,
  key         = {POL},
  title       = {Weak random number generation within virtualized
                 environments},
  institution = I_PolarSSL,
  type        = {Security Advisory},
  number      = {2011-02},
  year        = {2011},
  month       = dec,
  url         = {https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2011-02},
}
% Homepage of the haveged entropy daemon, cited as accessed on 2013-12-06.
% The link is plain http.
@techreport{HAV13a,
  key   = {HAV},
  title = {haveged -- A simple entropy daemon},
  type  = {Software Homepage},
  year  = {2013},
  month = dec,
  url   = {http://www.issihosts.com/haveged/},
  note  = {Accessed 2013-12-06},
}
% haveged runtime-testing background. It shares the key and the URL of HAV13a;
% NOTE(review): confirm whether a more specific page was intended.
@techreport{HAV13b,
  key   = {HAV},
  title = {haveged -- A simple entropy daemon: Runtime Testing},
  type  = {Technical Background},
  year  = {2013},
  month = dec,
  url   = {http://www.issihosts.com/haveged/},
  note  = {Accessed 2013-12-06},
}
% Katz and Lindell, textbook on modern cryptography (2008).
@book{katz2008introduction,
  author    = {Katz, J. and Lindell, Y.},
  title     = {Introduction to modern cryptography},
  series    = {Chapman and Hall/CRC Cryptography and Network Security Series},
  publisher = {Chapman \& Hall/CRC},
  year      = {2008},
  isbn      = {9781584885511},
  lccn      = {2007017861},
  url       = {http://books.google.at/books?id=WIc\_AQAAIAAJ},
}
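% SafeCurves site on choosing safe elliptic curves; the URL points at its
% page on rigidity. The camel-case name is braced so that sentence-casing
% styles do not render it as "Safecurves".
@techreport{DJBSC,
  key   = {DJB},
  title = {{SafeCurves}: choosing safe curves for elliptic-curve cryptography},
  type  = {Technical Background},
  year  = {2013},
  month = dec,
  url   = {http://safecurves.cr.yp.to/rigid.html},
  note  = {Accessed 2013-12-09},
}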
% Wikipedia article on US export controls for cryptography, the background to
% export-grade cipher suites. Access date is pinned in note.
@techreport{Wikipedia:ExportCipher,
  key         = {Wikipedia:ExportCipher},
  title       = {Export of cryptography in the {United} {States}},
  institution = I_Wikipedia,
  type        = {Wikipedia},
  year        = {2013},
  month       = dec,
  url         = {https://en.wikipedia.org/wiki/Export_of_cryptography_in_the_United_States},
  note        = {Accessed 2013-12-09},
}
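% ECRYPT II document D.SPA.20 (see url). Fixed here: the page range uses a
% double hyphen and the acronym in the title is protected from recasing.
% NOTE(review): the author field looks like an auto-export artefact; it parses
% as two people, "ECRYPT II" and "D SYM". The entry is an article without a
% journal, and the key says 2011 while year says 2012. Confirm authors, title
% and type against the PDF before relying on this entry.
@article{ii2011ecrypt,
  author = {II, ECRYPT and SYM, D},
  title  = {{ECRYPT II}},
  year   = {2012},
  pages  = {79--86},
  url    = {http://www.ecrypt.eu.org/documents/D.SPA.20.pdf},
}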
% Wikipedia article on the Tempest codename; access date pinned in note.
@techreport{Wikipedia:Tempest,
  key         = {Wikipedia:Tempest},
  title       = {Tempest (codename)},
  institution = I_Wikipedia,
  type        = {Wikipedia},
  year        = {2013},
  month       = dec,
  url         = {https://en.wikipedia.org/wiki/Tempest_(codename)},
  note        = {Accessed 2013-12-12},
}
% Wikipedia article on the discrete logarithm; access date pinned in note.
@techreport{Wikipedia:Discrete,
  key         = {Wikipedia:Discrete},
  title       = {Discrete logarithm},
  institution = I_Wikipedia,
  type        = {Wikipedia},
  year        = {2013},
  month       = dec,
  url         = {https://en.wikipedia.org/wiki/Discrete_logarithm},
  note        = {Accessed 2013-12-12},
}
% Wikipedia article on certificate policies; access date pinned in note.
@techreport{Wikipedia:Certificate,
  key         = {Wikipedia:Certificate},
  title       = {Certificate Policy},
  institution = I_Wikipedia,
  type        = {Wikipedia},
  year        = {2013},
  month       = dec,
  url         = {https://en.wikipedia.org/wiki/Certificate_Policy},
  note        = {Accessed 2013-12-12},
}
% Bruce Schneier's blog post of September 2013 on the NSA and Internet
% encryption. Sch13b cites a comment reply on the same page.
@techreport{Sch13,
  author = {Schneier, Bruce},
  title  = {The {NSA} Is Breaking Most Encryption on the Internet},
  type   = {Blog: Schneier on Security},
  year   = {2013},
  month  = sep,
  url    = {https://www.schneier.com/blog/archives/2013/09/the_nsa_is_brea.html},
}
% Schneier's reply in the comment thread of the post cited as Sch13; the URL
% fragment selects the individual comment.
@techreport{Sch13b,
  author = {Schneier, Bruce},
  title  = {The {NSA} Is Breaking Most Encryption on the Internet},
  type   = {Answer to Blog Comment},
  year   = {2013},
  month  = sep,
  url    = {https://www.schneier.com/blog/archives/2013/09/the_nsa_is_brea.html\#c1675929},
}
% Bernstein and Lange, presentation slides on security concerns with the NIST
% elliptic curves (September 2013).
@techreport{BL13,
  author = {Bernstein, D. J. and Lange, Tanja},
  title  = {Security dangers of the {NIST} curves},
  type   = {Presentation slides},
  year   = {2013},
  month  = sep,
  url    = {http://cr.yp.to/talks/2013.09.16/slides-djb-20130916-a4.pdf},
}
% Question on crypto.stackexchange.com about trusting the NIST-recommended ECC
% parameters. The author field holds the initials exactly as given.
@techreport{W13,
  author      = {D. W.},
  title       = {Should we trust the {NIST}-recommended {ECC} parameters?},
  institution = I_Stackexchange,
  type        = {Stackexchange Question},
  year        = {2013},
  month       = sep,
  url         = {http://crypto.stackexchange.com/questions/10263/should-we-trust-the-nist-recommended-ecc-parameters},
}
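% McCurley's survey of the discrete logarithm problem (1990). booktitle is the
% volume title concatenated with the J_AM series macro. The page range now
% uses the double hyphen that BibTeX styles expect.
@inproceedings{McC90,
  author    = {McCurley, Kevin S.},
  title     = {The Discrete Logarithm Problem},
  booktitle = {Cryptology and Computational Number Theory, } # J_AM,
  year      = {1990},
  volume    = {42},
  pages     = {49--74},
  url       = {http://www.mccurley.org/papers/dlog.pdf},
}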
% MathWorld dictionary entry on elliptic curves; access date pinned in note.
@techreport{WR13,
  key         = {Wolfram Research, Mathworld},
  title       = {Elliptic Curve},
  institution = I_Wolfram,
  type        = {Math Dictionary Entry},
  year        = {2013},
  month       = dec,
  url         = {http://mathworld.wolfram.com/EllipticCurve.html},
  note        = {Accessed 2013-12-12},
}
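% Yarom and Falkner, Flush+Reload cache side-channel paper (IACR ePrint
% 2013/448). The original stored a garbled export string in publisher, a field
% that standard styles ignore for misc entries; the report reference now sits
% in howpublished. The attack name and "L3" are braced against recasing.
@misc{yarom2013flush+,
  author       = {Yarom, Yuval and Falkner, Katrina},
  title        = {{Flush+Reload}: a High Resolution, Low Noise, {L3} Cache
                  Side-Channel Attack},
  howpublished = {Cryptology ePrint Archive, Report 2013/448},
  year         = {2013},
  url          = {http://eprint.iacr.org/2013/448.pdf},
}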
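% BSI technical guideline TR-02102 on cryptographic mechanisms. The agency
% name is double-braced so BibTeX treats it as one corporate author instead of
% splitting it into first and last names. The umlaut is written as a LaTeX
% escape for classic BibTeX, and month uses the predefined macro.
% NOTE(review): the URL ends in "_pdf" and may be truncated; no institution
% field is given.
@techreport{TR02102,
  author = {{Bundesamt f{\"u}r Sicherheit in der Informationstechnik (BSI)}},
  title  = {{BSI} {TR-02102} {Kryptographische} {Verfahren}},
  year   = {2013},
  month  = jan,
  url    = {https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR02102/BSI-TR-02102_pdf},
}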
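% ENISA report on algorithms, key sizes and parameters (October 2013).
% The author list was one double-braced string, which BibTeX treats as a
% single name. It is now split with "and", with the agency kept as a braced
% corporate author and the lower-case "warinschi" corrected.
@techreport{ENISA2013,
  author = {{ENISA} and Rijmen, Vincent and Smart, Nigel P.
            and Warinschi, Bogdan and Watson, Gaven},
  title  = {{ENISA} -- Algorithms, Key Sizes and Parameters Report},
  year   = {2013},
  month  = oct,
  url    = {http://www.enisa.europa.eu/activities/identity-and-trust/library/deliverables/algorithms-key-sizes-and-parameters-report},
}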
% Ross Anderson, Security Engineering (2008); the URL is the author's book
% page. NOTE(review): the publisher value looks like export residue.
@book{anderson2008security,
  author    = {Anderson, Ross},
  title     = {Security engineering},
  publisher = {Wiley.com},
  year      = {2008},
  url       = {http://www.cl.cam.ac.uk/~rja14/book.html},
}
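% Internet-Draft by Tschofenig and Lear on evolving the Web PKI (revision 01,
% per the URL). Authors were one double-braced string, parsed as a single
% name; they are now separate names. The title is no longer wrapped in double
% braces, so styles can apply their own casing.
@misc{tschofenig-webpki,
  author       = {Tschofenig, H. and Lear, E.},
  title        = {Evolving the {Web} Public Key Infrastructure},
  howpublished = {\url{https://tools.ietf.org/html/draft-tschofenig-iab-webpki-evolution-01.txt}},
  year         = 2013,
  month        = nov,
}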
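% CNET news report (August 2011) on a fraudulent Google certificate. The
% author is entered as "Last, First" instead of a double-braced string, and
% only the proper nouns in the title are braced.
@misc{diginotar-hack,
  author       = {Mills, Elinor},
  title        = {Fraudulent {Google} certificate points to {Internet} attack},
  howpublished = {\url{http://news.cnet.com/8301-27080\_3-20098894-245/fraudulent-google-certificate-points-to-internet-attack/}},
  year         = 2011,
  month        = aug,
}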
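% PCMag news report (August 2011) on a fake Google certificate. The author is
% entered as "Last, First" instead of a double-braced string, and only the
% proper nouns in the title are braced.
@misc{googlecahack,
  author       = {Poeter, Damon},
  title        = {Fake {Google} Certificate Puts {Gmail} at Risk},
  howpublished = {\url{http://www.pcmag.com/article2/0,2817,2392063,00.asp}},
  year         = 2011,
  month        = aug,
}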
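% Internet-Draft on HTTP public key pinning (revision 09, per the URL).
% Authors were one double-braced string, parsed as a single name; they are
% now separate names, and only the acronym in the title is braced.
@misc{draft-ietf-websec-key-pinning,
  author       = {Evans, C. and Palmer, C.},
  title        = {Public Key Pinning Extension for {HTTP}},
  howpublished = {\url{https://tools.ietf.org/html/draft-ietf-websec-key-pinning-09}},
  year         = 2013,
  month        = nov,
}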
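% Go crypto/x509 certificate verification source; the URL fragment points at
% a specific line of verify.go. "et. al." inside a double-braced author is
% replaced by the "and others" token that styles render themselves, and the
% numeric month becomes the predefined macro.
% NOTE(review): the link targets a moving source tree, so the line number may
% no longer match; the entry carries no access date.
@misc{gocode,
  author       = {Langley, Adam and others},
  title        = {{Go} {X.509} Verification Source Code},
  howpublished = {\url{https://code.google.com/p/go/source/browse/src/pkg/crypto/x509/verify.go#173}},
  year         = 2013,
  month        = dec,
}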
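% Certificate Transparency: project site and the RFC 6962 datatracker page.
% The three authors were one double-braced string, parsed as a single name;
% they are now separate names. The numeric month becomes the predefined macro.
@misc{certtransparency,
  author       = {Langley, Adam and Laurie, Ben and Kasper, Emilia},
  title        = {Certificate Transparency},
  howpublished = {\url{http://www.certificate-transparency.org}
                  \url{https://datatracker.ietf.org/doc/rfc6962/}},
  year         = 2013,
  month        = jul,
}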
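% Guardian reader Q&A with Edward Snowden. The original listed the same URL
% twice and gave month 07, while the URL path dates the piece 2013/jun/17.
% The duplicate is removed and month set to jun to agree with the URL.
% The day field is kept; classic styles ignore it.
@misc{snowdenGuardianGreenwald,
  author       = {Greenwald, Glenn},
  title        = {{Edward} {Snowden}: {NSA} whistleblower answers reader questions},
  howpublished = {\url{http://www.theguardian.com/world/2013/jun/17/edward-snowden-nsa-files-whistleblower}},
  year         = 2013,
  month        = jun,
  day          = 17,
}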
% Durumeric, Kasten, Bailey and Halderman: measurement study of the HTTPS
% certificate ecosystem (IMC 2013).
@inproceedings{https13,
  author    = {Durumeric, Zakir and Kasten, James and Bailey, Michael
               and Halderman, J. Alex},
  title     = {Analysis of the {HTTPS} Certificate Ecosystem},
  booktitle = {Proceedings of the 13th Internet Measurement Conference},
  year      = {2013},
  month     = oct,
  url       = {https://jhalderm.com/pub/papers/https-imc13.pdf},
}
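% Wikipedia article on TinyCA; access date pinned in note. The product name
% is braced so sentence-casing styles do not render it as "Tinyca".
@techreport{Wikipedia:TinyCA,
  key         = {Wikipedia:TinyCA},
  title       = {{TinyCA}},
  institution = I_Wikipedia,
  type        = {Wikipedia},
  year        = {2013},
  month       = dec,
  url         = {https://en.wikipedia.org/wiki/TinyCA},
  note        = {Accessed 2013-12-24},
}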
% MIT Kerberos administration guide, section on realm configuration
% decisions. The URL tracks "krb5-latest", so the page content can change and
% the entry carries no access date.
@techreport{MITKrbDoc:realm_config,
  key         = {MITKrbDoc:realm_config},
  title       = {Realm configuration decisions},
  institution = I_MIT,
  type        = {Documentation},
  year        = {2013},
  url         = {http://web.mit.edu/kerberos/krb5-latest/doc/admin/realm_config.html},
}
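% Internet-Draft (revision 02, March 2000) by Hornstein and Altman on
% publishing Kerberos KDC and realm information through DNS. "Kerberos" and
% the acronyms are braced so sentence-casing styles keep their capitals.
@techreport{IETF:cat-krb-dns-locate-02,
  key         = {IETF:cat-krb-dns-locate-02},
  author      = {Hornstein, Ken and Altman, Jeffrey},
  title       = {Distributing {Kerberos} {KDC} and Realm Information with {DNS}},
  institution = I_IETF,
  type        = {Internet Draft},
  year        = {2000},
  month       = mar,
  url         = {https://www.ietf.org/proceedings/48/I-D/cat-krb-dns-locate-02.txt},
}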
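% Release notes for MIT Kerberos 5 release 1.9 (December 2010). The product
% name is braced against recasing.
@techreport{krb519,
  key         = {krb519},
  title       = {{Kerberos} 5 Release 1.9},
  institution = I_MIT,
  type        = {Release Notes},
  year        = {2010},
  month       = dec,
  url         = {http://web.mit.edu/kerberos/krb5-1.9/},
}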
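% Oracle documentation on Java GSS and Kerberos; the URL is the Java SE 7
% guide. Product names and the acronym are braced against recasing.
% NOTE(review): no year and no access date are given; techreport entries
% normally require a year.
@techreport{JavaJGSS,
  key         = {JavaJGSS},
  title       = {{Java} Generic Security Services: ({Java} {GSS}) and {Kerberos}},
  institution = I_ORACLE,
  type        = {Documentation},
  url         = {http://docs.oracle.com/javase/7/docs/technotes/guides/security/jgss/jgss-features.html},
}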
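% GNU Shishi 1.0.2 manual; the URL fragment points at its cryptographic
% overview. Product names are braced against recasing.
% NOTE(review): no year and no access date are given.
@techreport{ShishiEnctypes,
  key         = {ShishiEnctypes},
  title       = {{GNU} {Shishi} 1.0.2},
  institution = I_GNU,
  type        = {Documentation},
  url         = {https://www.gnu.org/software/shishi/manual/shishi.html\#Cryptographic-Overview},
}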
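% Engel, Hill and Stender: Black Hat USA 2010 slides on weaknesses in Kerberos
% deployments. The original used journal = J_BLACKHAT. That macro is never
% defined in this file (only I_BLACKHAT is), and techreport styles do not
% print a journal field, so the venue was silently lost. It is now given as
% the institution through the macro that exists.
@techreport{AttKerbDepl,
  key         = {AttKerbDepl},
  author      = {Engel, Rachel and Hill, Brad and Stender, Scott},
  title       = {Attacking {Kerberos} Deployments},
  institution = I_BLACKHAT,
  type        = {Slides},
  year        = {2010},
  url         = {https://media.blackhat.com/bh-us-10/presentations/Stender_Engel_Hill/BlackHat-USA-2010-Stender-Engel-Hill-Attacking-Kerberos-Deployments-slides.pdf},
}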