报告题目：Designing Effective Solutions to Access TLS-encrypted Traffic
报告人：Dr. Xavier de Carné de Carnavalet
地点：腾讯视频会议线上报告 (ID: 122-329-167)
Dr de Carnavalet received his Ph.D. degree in Information and Systems Engineering from Concordia University, and spent a year at Carleton University as a post-doctoral research fellow advised by Prof. Paul van Oorschot. He obtained a M.Sc./Dipl-Ing. from École Supérieure d'Informatique, Électronique, Automatique (ESIEA), and a M.A.Sc. from Concordia University. His research targets real-world security and privacy problems that affect the public at large. One of the major directions of his research is to measure and improve user privacy and security from threats posed by software, web technologies and services. He made contributions in the fields of passwords and authentication, reproducible builds, and secure communication interception. His work received several awards including the prestigious NSERC Vanier Canada Graduate Scholarship.
TLS is an end-to-end network protocol designed to provide confidentiality and integrity guarantees that improve end-user security and privacy. While TLS helps defend against pervasive surveillance of intercepted unencrypted traffic, it also hinders several common beneficial operations typically performed by middleboxes on the network traffic, such as malware detection and performance optimization. This issue has resulted in some parties proposing various methods that bypass the confidentiality goals of TLS, ranging from simple to more complex solutions. With both effectiveness and deployability in mind, we will compare the design of various techniques and proposals by which TLS no longer delivers end-to-end security, and make observations useful for researchers to understand what makes a technical proposal successful in the real world.