T. Dierks and E. Rescorla, The Transport Layer Security (TLS) Protocol Version 1.2, IETF RFC, vol.5246, 2008.
DOI : 10.17487/rfc5246

T. Jager, F. Kohlar, S. Schäge, and J. Schwenk, On the Security of TLS-DHE in the Standard Model, CRYPTO, 2012.
DOI : 10.1007/978-3-642-32009-5_17

H. Krawczyk, K. G. Paterson, and H. Wee, On the Security of the TLS Protocol: A Systematic Analysis, CRYPTO, 2013.
DOI : 10.1007/978-3-642-40041-4_24

Y. Li, S. Schäge, Z. Yang, F. Kohlar, and J. Schwenk, On the Security of the Pre-shared Key Ciphersuites of TLS, Public-Key Cryptography, 2014.
DOI : 10.1007/978-3-642-54631-0_38

K. G. Paterson, T. Ristenpart, and T. Shrimpton, Tag Size Does Matter: Attacks and Proofs for the TLS Record Protocol, ASIACRYPT, 2011.
DOI : 10.1007/978-3-642-25385-0_20

T. Dierks and C. Allen, The TLS protocol version 1.0, IETF RFC 2246, 1999.
DOI : 10.17487/rfc2246

T. Dierks and E. Rescorla, The Transport Layer Security (TLS) Protocol Version 1.1, IETF RFC, vol.4346, 2006.
DOI : 10.17487/rfc4346

K. Bhargavan, C. Fournet, M. Kohlweiss, A. Pironti, and P. Strub, Implementing TLS with Verified Cryptographic Security, 2013 IEEE Symposium on Security and Privacy, p.2013
DOI : 10.1109/SP.2013.37
URL : https://hal.archives-ouvertes.fr/hal-00863373

J. Salowey, H. Zhou, P. Eronen, and H. Tschofenig, TLS session resumption without server-side state, 2008.

N. M. Langley, A. , and B. Moeller, Transport Layer Security (TLS) False Start, 2010.
DOI : 10.17487/RFC7918

K. Bhargavan, A. D. Lavaud, C. Fournet, A. Pironti, and P. Strub, Triple Handshakes and Cookie Cutters: Breaking and Fixing Authentication over TLS, 2014 IEEE Symposium on Security and Privacy, p.2014
DOI : 10.1109/SP.2014.14
URL : https://hal.archives-ouvertes.fr/hal-01102259

C. Soghoian and S. Stamm, Certified Lies: Detecting and Defeating Government Interception Attacks Against SSL, Financial Cryptography, 2012.
DOI : 10.2139/ssrn.1591033

S. Cavallar, B. Dodson, A. Lenstra, W. Lioen, P. Montgomery et al., Factorization of a 512-Bit RSA Modulus, EUROCRYPT, 2000.
DOI : 10.1007/3-540-45539-6_1
URL : https://hal.archives-ouvertes.fr/inria-00099117

Z. Durumeric, E. Wustrow, and J. A. Halderman, ZMap: Fast Internet-wide scanning and its security applications, USENIX Security, 2013.

F. Bergsma, B. Dowling, F. Kohlar, J. Schwenk, and D. Stebila, Multi-Ciphersuite Security of the Secure Shell (SSH) Protocol, Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, CCS '14, 2014.
DOI : 10.1145/2660267.2660286

N. Mavrogiannopoulos, F. Vercauteren, V. Velichkov, and B. Preneel, A cross-protocol attack on the TLS protocol, Proceedings of the 2012 ACM conference on Computer and communications security, CCS '12, 2012.
DOI : 10.1145/2382196.2382206

T. Dierks and E. Rescorla, The Transport Layer Security (TLS) Protocol Version 1.3, 2014.

K. Bhargavan, A. Delignat-lavaud, A. Pironti, A. Langley, and M. Ray, Transport Layer Security (TLS) Session Hash and Extended Master Secret Extension, IETF Internet Draft, 2014.
DOI : 10.17487/RFC7627

K. Bhargavan, C. Fournet, M. Kohlweiss, A. Pironti, P. Strub et al., Proving the TLS Handshake Secure (As It Is), CRYPTO, 2014.
DOI : 10.1007/978-3-662-44381-1_14
URL : https://hal.archives-ouvertes.fr/hal-01102229

J. B. Almeida, M. Barbosa, G. Barthe, and F. Dupressoir, Certified computer-aided cryptography, Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security, CCS '13, 2013.
DOI : 10.1145/2508859.2516652

C. Meyer and J. Schwenk, Lessons learned from previous SSL/TLS attacks ? A brief chronology of attacks and weaknesses, IACR Cryptology ePrint Archive, 2013.

D. Wagner and B. Schneier, Analysis of the SSL 3.0 protocol, USENIX Electronic Commerce, 1996.

E. Rescorla, M. Ray, S. Dispensa, and N. Oskov, TLS renegotiation indication extension, 2010.

D. Bleichenbacher, Chosen ciphertext attacks against protocols based on the RSA encryption standard PKCS #1, CRYPTO, 1998.
DOI : 10.1007/BFb0055716

V. Klima, O. Pokorny, and T. Rosa, Attacking RSAbased sessions in SSL/TLS, CHES, 2003.

C. Meyer, J. Somorovsky, E. Weiss, J. Schwenk, S. Schinzel et al., Revisiting SSL/TLS implementations: New bleichenbacher side channels and attacks, USENIX Security, 2014.

S. Vaudenay, I. , and W. , Security flaws induced by CBC padding applications to SSL, EUROCRYPT, 2002.

N. J. Alfardan and K. G. Paterson, Lucky thirteen: breaking the TLS and DTLS record protocols, IEEE S&P, p.2013

T. Jager, K. G. Paterson, and J. Somorovsky, One bad apple: Backwards compatibility attacks on state-of-the-art cryptography, NDSS, 2013.

K. Bhargavan, C. Fournet, R. Corin, and E. , Verified Cryptographic Implementations for TLS, ACM Transactions on Information and System Security, vol.15, issue.1, pp.1-32, 2012.
DOI : 10.1145/2133375.2133378
URL : https://hal.archives-ouvertes.fr/hal-00863381

S. Chaki and A. Datta, ASPIER: An Automated Framework for Verifying Security Protocol Implementations, 2009 22nd IEEE Computer Security Foundations Symposium, 2009.
DOI : 10.1109/CSF.2009.20

J. Jürjens, Security Analysis of Crypto-based Java Programs using Automated Theorem Provers, 21st IEEE/ACM International Conference on Automated Software Engineering (ASE'06), 2006.
DOI : 10.1109/ASE.2006.60

M. Avalle, A. Pironti, D. Pozza, and R. Sisto, JavaSPI, International Journal of Secure Software Engineering, vol.2, issue.4, pp.34-48, 2011.
DOI : 10.4018/jsse.2011100103

J. Goubault-larrecq and F. Parrennes, Cryptographic Protocol Analysis on Real C Code, Verification, Model Checking, and Abstract Interpretation, 2005.
DOI : 10.1007/978-3-540-30579-8_24

F. Dupressoir, A. D. Gordon, J. Jürjens, and D. A. Naumann, Guiding a general-purpose C verifier to prove cryptographic protocols, Journal of Computer Security, vol.22, issue.5, pp.823-866, 2014.
DOI : 10.3233/JCS-140508

J. Lawall, B. Laurie, R. R. Hansen, N. Palix, and G. Muller, Finding Error Handling Bugs in OpenSSL Using Coccinelle, 2010 European Dependable Computing Conference, 2010.
DOI : 10.1109/EDCC.2010.31
URL : https://hal.archives-ouvertes.fr/hal-00940375