2021 AISC – TLS Inspection: Issues and Development
Speaker: Dr. Joonsang Baek
Affiliation: University of Wollongong
Transport Layer Security (TLS) may be the most popular protocol for establishing secure channels on the Internet. However, TLS does not differentiate regular users from threat actors, who want to evade detection through the secure channel provided by TLS. For this reason, various organisations have been more and more interested in the technology called “TLS (or SSL) Inspection”, whereby encrypted TLS traffic can be filtered and inspected by the authorised entity.
In this talk, we look at precisely what cryptographic technologies are involved in the TLS inspection. We then survey previous approaches to TLS inspection and discuss their drawbacks. We also discuss controversies related to TLS inspection. Finally, we introduce the recent new development for TLS inspection, initiated by Baek, Kim and Susilo at AsiaCCS 2020.
Joonsang Baek received his PhD degree in computer science from Monash University, Australia, in 2004. He received the MS in computer engineering from Korea Advanced Institute of Science and Technology (KAIST), Korea, and the BS in mathematics from Pohang University of Science and Technology (POSTECH), Korea, in 2000 and 1998, respectively. Joonsang is currently a senior lecturer at School of Computing and Information Technology, University of Wollongong (UOW), Australia. Before joining UOW, he was an assistant professor in the Department of Electrical and Computer Engineering at Khalifa University, UAE. He also worked as a research scientist at the Institute for Infocomm Research (I2R), Singapore before he joined the academia. His current research interests are in the field of cybersecurity, focusing on the application of cryptographic primitives to real-world applications. Joonsang has published his work in many reputable journals and conference proceedings. He has also served as chairs, and program committee members for numerous renowned conferences and journals in the field of cybersecurity and cryptography. He is currently an editorial board member of the International Journal of Information Security.