D. Adrian, K. Bhargavan, Z. Durumeric, P. Gaudry, M. Green et al., Imperfect forward secrecy: How diffie-hellman fails in practice, Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, 2015.
URL : https://hal.archives-ouvertes.fr/hal-01982426

,

N. J. Alfardan and K. G. Paterson, Lucky thirteen: Breaking the TLS and DTLS record protocols, IEEE Symposium on Security and Privacy, SP, pp.526-540, 2013.

N. Aviram, S. Schinzel, J. Somorovsky, N. Heninger, M. Dankel et al., DROWN: Breaking TLS with SSLv2, 2016.

K. Bhargavan and G. Leurent, Transcript collision attacks: Breaking authentication in tls, IKE and SSH, 23rd Annual Network and Distributed System Security Symposium, NDSS, 2016.
URL : https://hal.archives-ouvertes.fr/hal-01244855

K. Bhargavan and G. Leurent, On the practical (in-)security of 64-bit block ciphers: Collision attacks on HTTP over TLS and openvpn, Proceedings of the, 2016.
URL : https://hal.archives-ouvertes.fr/hal-01404208

, ACM SIGSAC Conference on Computer and Communications Security, 2016.

G. S. Blog, SHA-1 Certificates in Chrome

P. Bright, Apple, Google, Microsoft, and Mozilla come together to end TLS 1

M. Cartwright, Book review: Experimentation in software engineering: An introduction. by claes wohlin, per runeson, martin höst, magnus c. ohlsson, björn regnell and anders wesslén, Softw. Test., Verif. Reliab, 1999.

M. Dell'interno, Carta di identitá elettronica

A. Desnos, Github: Androguard

W. Dormann, Announcing CERT Tapioca 2.0 for Network Traffic Analysis

P. Ducklin, Boffins 'crack' HTTPS encryption in Lucky Thirteen attack

P. Ducklin, The SLOTH attacks: why laziness about cryptography puts security at risk

S. Fahl, M. Harbach, T. Muders, L. Baumgärtner, B. Freisleben et al., Why eve and mallory love android: An analysis of android ssl (in)security, Proceedings of the 2012 ACM Conference on Computer and Communications Security, pp.50-61, 2012.

M. Georgiev, S. Iyengar, S. Jana, R. Anubhai, D. Boneh et al., The most dangerous code in the world: validating ssl certificates in non-browser software, ACM Conference on Computer and Communications Security, pp.38-49, 2012.

Y. Gluck, N. Harris, and A. Prado, BREACH: reviving the CRIME attack

M. Green, A diversion: BEAST Attack on TLS/SSL Encryption

M. Green, Attack of the week: Logjam

M. Green, The Internet is broken: could we please fix it?

J. Grimmett, Encryption export controls, 2001.

N. W. Group, The TLS Protocol: Version 1

N. W. Group, The Transport Layer Security (TLS) Protocol: Version 1

N. W. Group, The Transport Layer Security (TLS) Protocol: Version 1.2

N. W. Group, Transport Layer Security Protocol Compression Methods

O. W. Group, OAuth 2.0 Mutual TLS Client Authentication and Certificate Bound Access Tokens

, IMPERVA: Attacking SSL when using RC4, IETF: Transport Layer Security (TLS) Renegotiation Indication Extension

M. Kolybabi and G. Lawrence, ssl-enum-ciphers

G. Lyon, Nmap: the Network Mapper

. Microsoft-inria, Triple Handshakes Considered Harmful: Breaking and Fixing Authentication over TLS

B. Möller, T. Duong, and K. Kotowicz, What is DROWN and how does it work?, This POODLE Bites: Exploiting The SSL 3.0 Fallback

:. Qualys and . Ssl-pulse,

I. Qualys, SSL Server Rating Guide

M. Robshaw, Stream ciphers, 1995.

B. Schneier, SecurityLearn: SSL Attacks

A. W. Services, Alexa Top Sites

C. E. Shannon, Communication theory of secrecy systems*, Bell System Technical Journal, vol.28, 1949.

R. Siles,

B. Smyth and A. Pironti, Truncating TLS connections to violate beliefs in web applications, 7th USENIX Workshop on Offensive Technologies, 2013.
URL : https://hal.archives-ouvertes.fr/hal-00863371

J. Somorovsky, Systematic fuzzing and testing of tls libraries, Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, p.16, 2016.

M. Vanhoef and F. Piessens, RC4 NOMORE (Numerous Occurrence MOnitoring & Recovery Exploit

E. Weisstein, Hash Function

D. Wetter, TLS Extended Master Secret Extension: Fixing a Hole in TLS