These are my blogs

and also my life

Wicklight protocol design

2023-02-03 golang coding proxy tls

This document specifies Wicklight protocol. Wicklight is an extended HTTP(s) Proxy Read More

Wicktls protocol design

2023-01-10 golang coding proxy tls

This document specifies Wicktls protocol. Wicktls allows building a tunnel based on an SSL/TLS connection with strong traffic reshaping. Read More

Paper Notes | A Read-Through of Several NDSS 2020 Papers

2020-03-16 reading CA web tls

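SYMTCP: Eluding Stateful Deep Packet Inspection with Automated Discrepancy Discovery Author: Zhongjie Wang NDSS 2020 Implementations of stateful network protocols such as TCP need to use a state machine model. However, because the documentation uses natural language ... Read More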

Paper Notes | Certificate Transparency in the CA System

2019-12-06 reading CA web TLS

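What is CT? In the original PKI/CA system, there was no role like CT. This role was introduced to address the structural weaknesses of the CA system. This post describes the basic architecture of CT, then briefly introduces the CCS 2019 paper Certificate Transparency in the Wild: ... Read More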

Technical Summary | Recommended Secure SSL/TLS Configuration and the Principles Behind It

2019-11-28 coding tls web nginx

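1. SSL/TLS Background It is now 2019, and most HTTP servers are configured with SSL/TLS by default to provide everyone with secure, private network services. But configuring TLS securely is often difficult, and misconfiguration can lead to problems such as poor performance and weakened security. This article therefore uses the Nginx server as an example to explain how to securely ... Read More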

Paper Reading | Safely Exporting Keys from Secure Channels: On the Security of EAP-TLS and TLS Key Exporters

2019-09-22 reading tls web

Safely Exporting Keys from Secure Channels: On the Security of EAP-TLS and TLS Key Exporters Christina Brzuska, Håkon Jacobsen, and Douglas Stebila ... Read More

Paper Notes: The use of TLS in Censorship Circumvention

2019-09-18 reading tls web

The use of TLS in Censorship Circumvention Network and Distributed Systems Security (NDSS) Symposium 2019 Sergey Frolov, Eric Wustrow. University of ... Read More

Paper Notes | maTLS: How to Make TLS middlebox-aware?

2019-09-18 reading tls web

maTLS: How to Make TLS middlebox-aware? Hyunwoo Lee, Zach Smith, Junghwan Lim†, Gyeongjae Choi, Selin Chun, Taejoong Chung, Ted “Taekyoung” Kwon ... Read More

Paper Reading | Hybrid key exchange in TLS 1.3 or SSH

2019-09-17 reading tls web

Hybrid key exchange in TLS 1.3 or SSH Draft-stebila-tls-hybrid-design-01 Motivation of hybrid key exchange traditional algorithms: have risks in face ... Read More

RFC 8446| Transport Layer Security 1.3

2019-09-11 reading tls web

Transport Layer Security 1.3 (RFC 8446) 1. Major differences from TLS 1.2 All legacy algorithms have been deprecated. TLS 1.3 uses AEAD instead. 0-RTT ... Read More