International Association for Cryptologic Research

International Association
for Cryptologic Research

IACR News item: 30 August 2013

Arnis Parsovs
ePrint Report ePrint Report
The most widely used secure Internet communication standard TLS (Transport Layer Security) has an optional client certificate authentication feature that in theory has significant security advantages over HTML form-based password authentication. In this paper we discuss practical security and usability issues related to TLS client certificate authentication stemming from the server side and browser implementations. In particular we analyze Apache mod_ssl implementation on server side and the most popular browsers - Mozilla Firefox, Google Chrome and Microsoft Internet Explorer on client side. We complement our paper with a case study performed in Estonia where TLS client certificate authentication is widely used. We present our recommendations for TLS implementations on the client and server side to improve the security and usability of TLS client certificate authentication.

Expand

Additional news items may be found on the IACR news page.