Digital Key Research Hub

Our goal is to analyze the deployment and management of digital keys across various systems and gain insights to enhance Internet security.

Here, we provide summary of our research along with corresponding artifacts, including analysis code and datasets.

All research is conducted by the network security research group, supervised by Yixin Sun at the University of Virginia.

List of projects:

DNS HTTPS record measurement (IMC'24): We aim to analyze the deployment trends and characteristics of HTTPS records by scanning Tranco domains (server-side). Additionally, we examine browser support for HTTPS records and identify related client-side behaviors.
Mutual TLS and certificate analysis (IMC'24): We aim to investigate the prevalence and characteristics of mutual TLS connections, including potential services and patterns of certificate usage. Additionally, we examine security concerns, non-standard behaviors in certificate sharing, and privacy implications of sensitive information in mutual TLS certificates.
IoT TLS and certificate analysis (IMC'23): We aim to investigate the TLS configurations and server certificate management practices of IoT device vendors. Using a large-scale, crowdsourced dataset of IoT device network traffic, we analyze the customization and heterogeneity of TLS libraries, potential security vulnerabilities, and private CA practices in IoT PKI, aiming to highlight security risks and encourage best practices.