{"id":"https://openalex.org/W4416276774","doi":"https://doi.org/10.1145/3772356.3772399","title":"Leveraging Certificate Transparency to Mitigate Downgrade Attacks","display_name":"Leveraging Certificate Transparency to Mitigate Downgrade Attacks","publication_year":2025,"publication_date":"2025-11-17","ids":{"openalex":"https://openalex.org/W4416276774","doi":"https://doi.org/10.1145/3772356.3772399"},"language":null,"primary_location":{"id":"doi:10.1145/3772356.3772399","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3772356.3772399","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3772356.3772399","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 24th ACM Workshop on Hot Topics in Networks","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3772356.3772399","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5081727602","display_name":"Hyunsoo Kim","orcid":"https://orcid.org/0000-0002-5089-5442"},"institutions":[{"id":"https://openalex.org/I139264467","display_name":"Seoul National University","ror":"https://ror.org/04h9pn542","country_code":"KR","type":"education","lineage":["https://openalex.org/I139264467"]}],"countries":["KR"],"is_corresponding":true,"raw_author_name":"Hyunsoo Kim","raw_affiliation_strings":["Seoul National University, Seoul, Republic of Korea"],"raw_orcid":"https://orcid.org/0000-0002-5089-5442","affiliations":[{"raw_affiliation_string":"Seoul National University, Seoul, Republic of Korea","institution_ids":["https://openalex.org/I139264467"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5114062167","display_name":"MinHo Hwang","orcid":"https://orcid.org/0009-0000-8641-7031"},"institutions":[{"id":"https://openalex.org/I139264467","display_name":"Seoul National University","ror":"https://ror.org/04h9pn542","country_code":"KR","type":"education","lineage":["https://openalex.org/I139264467"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Myungbin Hwang","raw_affiliation_strings":["Seoul National University, Seoul, Republic of Korea"],"raw_orcid":"https://orcid.org/0009-0000-8641-7031","affiliations":[{"raw_affiliation_string":"Seoul National University, Seoul, Republic of Korea","institution_ids":["https://openalex.org/I139264467"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5076713179","display_name":"Taekyoung Kwon","orcid":"https://orcid.org/0000-0002-7795-0077"},"institutions":[{"id":"https://openalex.org/I139264467","display_name":"Seoul National University","ror":"https://ror.org/04h9pn542","country_code":"KR","type":"education","lineage":["https://openalex.org/I139264467"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Taekyoung Kwon","raw_affiliation_strings":["Seoul National University, Seoul, Republic of Korea"],"raw_orcid":"https://orcid.org/0000-0002-7795-0077","affiliations":[{"raw_affiliation_string":"Seoul National University, Seoul, Republic of Korea","institution_ids":["https://openalex.org/I139264467"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5081727602"],"corresponding_institution_ids":["https://openalex.org/I139264467"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":{"value":0.32333915,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"370","last_page":"376"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10651","display_name":"IPv6, Mobility, Handover, Networks, Security","score":0.39329999685287476,"subfield":{"id":"https://openalex.org/subfields/2208","display_name":"Electrical and Electronic Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10651","display_name":"IPv6, Mobility, Handover, Networks, Security","score":0.39329999685287476,"subfield":{"id":"https://openalex.org/subfields/2208","display_name":"Electrical and Electronic Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.24869999289512634,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.11150000244379044,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/downgrade","display_name":"Downgrade","score":0.9621000289916992},{"id":"https://openalex.org/keywords/transparency","display_name":"Transparency (behavior)","score":0.715499997138977},{"id":"https://openalex.org/keywords/certificate","display_name":"Certificate","score":0.6273000240325928},{"id":"https://openalex.org/keywords/verifiable-secret-sharing","display_name":"Verifiable secret sharing","score":0.5333999991416931},{"id":"https://openalex.org/keywords/oracle","display_name":"Oracle","score":0.5056999921798706},{"id":"https://openalex.org/keywords/authorization","display_name":"Authorization","score":0.3630000054836273},{"id":"https://openalex.org/keywords/confidentiality","display_name":"Confidentiality","score":0.33090001344680786}],"concepts":[{"id":"https://openalex.org/C2779628075","wikidata":"https://www.wikidata.org/wiki/Q1253258","display_name":"Downgrade","level":2,"score":0.9621000289916992},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7904000282287598},{"id":"https://openalex.org/C2780233690","wikidata":"https://www.wikidata.org/wiki/Q535347","display_name":"Transparency (behavior)","level":2,"score":0.715499997138977},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7093999981880188},{"id":"https://openalex.org/C96865113","wikidata":"https://www.wikidata.org/wiki/Q2946816","display_name":"Certificate","level":2,"score":0.6273000240325928},{"id":"https://openalex.org/C85847156","wikidata":"https://www.wikidata.org/wiki/Q59015987","display_name":"Verifiable secret sharing","level":3,"score":0.5333999991416931},{"id":"https://openalex.org/C55166926","wikidata":"https://www.wikidata.org/wiki/Q2892946","display_name":"Oracle","level":2,"score":0.5056999921798706},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.4650999903678894},{"id":"https://openalex.org/C108759981","wikidata":"https://www.wikidata.org/wiki/Q788590","display_name":"Authorization","level":2,"score":0.3630000054836273},{"id":"https://openalex.org/C71745522","wikidata":"https://www.wikidata.org/wiki/Q2476929","display_name":"Confidentiality","level":2,"score":0.33090001344680786},{"id":"https://openalex.org/C2779201187","wikidata":"https://www.wikidata.org/wiki/Q2775060","display_name":"Information leakage","level":2,"score":0.3003999888896942},{"id":"https://openalex.org/C118463975","wikidata":"https://www.wikidata.org/wiki/Q220849","display_name":"Digital signature","level":3,"score":0.2791999876499176},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.2624000012874603},{"id":"https://openalex.org/C2777338717","wikidata":"https://www.wikidata.org/wiki/Q1762621","display_name":"Vendor","level":2,"score":0.2583000063896179},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.2547000050544739},{"id":"https://openalex.org/C94284585","wikidata":"https://www.wikidata.org/wiki/Q228184","display_name":"Random oracle","level":4,"score":0.2524000108242035}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3772356.3772399","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3772356.3772399","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3772356.3772399","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 24th ACM Workshop on Hot Topics in Networks","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3772356.3772399","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3772356.3772399","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3772356.3772399","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 24th ACM Workshop on Hot Topics in Networks","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G2617297419","display_name":null,"funder_award_id":"RS-2023-00220985","funder_id":"https://openalex.org/F4320322120","funder_display_name":"National Research Foundation of Korea"},{"id":"https://openalex.org/G3457412927","display_name":null,"funder_award_id":"RS-2023-00220985","funder_id":"https://openalex.org/F4320320671","funder_display_name":"National Research Foundation"},{"id":"https://openalex.org/G3598079552","display_name":null,"funder_award_id":"RS-2021-II211343","funder_id":"https://openalex.org/F4320335489","funder_display_name":"Institute for Information and Communications Technology Promotion"},{"id":"https://openalex.org/G6199298148","display_name":null,"funder_award_id":"IITP-2025-2021-0-02048","funder_id":"https://openalex.org/F4320328359","funder_display_name":"Ministry of Science and ICT, South Korea"},{"id":"https://openalex.org/G6823783443","display_name":null,"funder_award_id":"IITP-2025-RS-2024-00418784","funder_id":"https://openalex.org/F4320328359","funder_display_name":"Ministry of Science and ICT, South Korea"},{"id":"https://openalex.org/G7288789209","display_name":null,"funder_award_id":"RS-2021-II211343","funder_id":"https://openalex.org/F4320328359","funder_display_name":"Ministry of Science and ICT, South Korea"},{"id":"https://openalex.org/G7798134731","display_name":null,"funder_award_id":"RS-2021-II211343","funder_id":"https://openalex.org/F4320321292","funder_display_name":"Seoul National University"},{"id":"https://openalex.org/G8913533238","display_name":null,"funder_award_id":"RS-2023-00220985","funder_id":"https://openalex.org/F4320328359","funder_display_name":"Ministry of Science and ICT, South Korea"}],"funders":[{"id":"https://openalex.org/F4320320671","display_name":"National Research Foundation","ror":"https://ror.org/05s0g1g46"},{"id":"https://openalex.org/F4320321292","display_name":"Seoul National University","ror":"https://ror.org/04h9pn542"},{"id":"https://openalex.org/F4320322120","display_name":"National Research Foundation of Korea","ror":"https://ror.org/013aysd81"},{"id":"https://openalex.org/F4320324891","display_name":"Iran Telecommunication Research Center","ror":"https://ror.org/01a3g2z22"},{"id":"https://openalex.org/F4320328359","display_name":"Ministry of Science and ICT, South Korea","ror":"https://ror.org/01wpjm123"},{"id":"https://openalex.org/F4320335489","display_name":"Institute for Information and Communications Technology Promotion","ror":"https://ror.org/01g0hqq23"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4416276774.pdf","grobid_xml":"https://content.openalex.org/works/W4416276774.grobid-xml"},"referenced_works_count":11,"referenced_works":["https://openalex.org/W1678749812","https://openalex.org/W1996430944","https://openalex.org/W2401862431","https://openalex.org/W2806616617","https://openalex.org/W2890897493","https://openalex.org/W2984693548","https://openalex.org/W3047716811","https://openalex.org/W3110256582","https://openalex.org/W4233819588","https://openalex.org/W4320716610","https://openalex.org/W4388406329"],"related_works":[],"abstract_inverted_index":{"Despite":[0],"the":[1,12,80,100],"widespread":[2],"adoption":[3],"of":[4,44,82,90,103,133],"TLS":[5,68],"to":[6,28,74,126],"secure":[7],"many":[8],"protocols":[9],"such":[10],"as":[11,40],"web,":[13],"DNS,":[14],"and":[15,67,93,130],"email,":[16],"downgrade":[17,76],"attacks":[18],"remain":[19],"a":[20,41,47,54,62,87,116,128],"significant":[21],"vulnerability\u2014particularly":[22],"when":[23],"clients":[24,73],"opportunistically":[25],"fall":[26],"back":[27],"unencrypted":[29],"communication.":[30],"To":[31,78],"address":[32],"this,":[33,113],"we":[34,52,85,114],"propose":[35,115],"leveraging":[36],"Certificate":[37],"Transparency":[38],"(CT)":[39],"verifiable":[42],"source":[43],"truth":[45],"regarding":[46],"server's":[48,63],"security":[49],"capabilities.":[50],"Specifically,":[51],"introduce":[53],"custom":[55],"X.509":[56],"certificate":[57],"extension":[58],"that":[59,99,119],"explicitly":[60],"declares":[61],"supported":[64],"protocols,":[65],"ports,":[66],"versions.":[69],"This":[70],"information":[71],"enables":[72],"detect":[75],"attacks.":[77],"assess":[79],"feasibility":[81],"our":[83],"approach,":[84],"conducted":[86],"measurement":[88],"study":[89],"DNS-over-TLS,":[91],"DNS-over-HTTPS,":[92],"SMTP":[94],"servers.":[95],"Our":[96],"results":[97],"show":[98],"vast":[101],"majority":[102],"certificates":[104],"are":[105],"already":[106],"logged":[107],"in":[108],"CT":[109,117,124],"logs.":[110],"Building":[111],"on":[112],"oracle":[118],"aggregates":[120],"data":[121],"from":[122],"all":[123],"logs":[125],"provide":[127],"reliable":[129],"comprehensive":[131],"view":[132],"certificates.":[134]},"counts_by_year":[],"updated_date":"2026-03-08T06:56:09.383167","created_date":"2025-11-17T00:00:00"}