Study Reveals Vulnerabilities in Widely Used Encryption Protocols / Kyung-tae Kang

TLS 1.3 and SSH are among the most popular and widely trusted protocols. A new study by researchers from Hanyang University ERICA conducts a comprehensive survey of cryptographic network protocols, particularly TLS, HTTPS, and SSH, systematically mapping their encryption schemes, known vulnerabilities, and attack mechanisms, while proposing a classification framework to help developers and researchers better understand and mitigate emerging cybersecurity threats.

Cryptographic network protocols such as Transport Layer Security (TLS) form the backbone of secure communications over networks. The release of TLS 1.3, the latest version of TLS, in 2018 has generated considerable interest in this field over the years. Although TLS 1.3 was designed with substantially enhanced security features and has been widely regarded as a robust protocol, this perception has led existing research to focus predominantly on validating its theoretical soundness, leaving its practical vulnerabilities in real-world environments comparatively underexplored.

Real-world deployment, however, presents a more complex picture. Legacy versions such as TLS 1.1 and 1.2 remain in use due to compatibility constraints, and modern systems frequently operate in environments where multiple protocol versions coexist. In such heterogeneous settings, vulnerabilities continue to emerge, stemming not only from older protocols but also from implementation-level weaknesses within TLS 1.3 itself, underscoring the need for a more comprehensive, practice-oriented analysis. Prior research has also fallen short of providing a unified understanding of these evolving threats. Many studies have examined specific cryptographic algorithms in isolation, while others have been confined to narrow domains such as IoT or sensor networks. Consequently, vulnerabilities across network channel encryption protocols have rarely been analyzed in an integrated manner, making it difficult to grasp the broader security landscape.

To address these limitations, a team of researchers from Hanyang University, including Post-Doctoral Research Associate Jemin Ahn at the Research Institute of AI Convergence and Tenured Professor Kyungtae Kang at the Department of Artificial Intelligence, has conducted a comprehensive and systematic investigation of vulnerabilities across network channel encryption protocols, spanning research from 2013 to 2024. Their findings were made available online on January 6, 2025 and published in Volume 27, Issue 6 of IEEE Communications Surveys & Tutorials on December 1, 2025.

According to Dr. Ahn, “The scope of our study extends beyond TLS 1.3 to include its predecessors—TLS 1.0, 1.1, and 1.2—as well as other protocols with analogous security objectives, such as SSH and HTTPS, providing a structured and integrated view of the broader threat landscape.”

Within this broader scope, the study places particular emphasis on TLS 1.3, specifically investigating underexplored implementation-level vulnerabilities such as software bugs, memory handling errors, and authentication bypass mechanisms. By extending the analysis to earlier TLS iterations—covering both legacy and newly discovered flaws—the research provides a longitudinal perspective on the evolution of security risks across protocol generations.

Furthermore, it examines the compounding risks inherent in heterogeneous environments, with particular emphasis on downgrade attacks, where adversaries exploit legacy protocol support to bypass stronger security configurations.

Finally, drawing on these findings, the study identifies several key directions for advancing next-generation network security. These include the development of real-time intelligent vulnerability detection systems, the transition to post-quantum cryptography in anticipation of emerging computational threats, the exploration of advanced encryption paradigms such as homomorphic and attribute-based encryption, and the application of AI-driven traffic analysis for identifying threats concealed within encrypted communications.

The findings are expected to pave the way for several real-world applications. “Our work provides a unified knowledge base for understanding the threat landscape, offers a practical reference for secure network infrastructure development, and informs future research directions in next-generation network security. Overall, it can serve as a foundation for safer digital infrastructure for real-time, intelligent threat detection in the era of rapidly advancing computational power,” concludes Dr. Kang.

Reference

Title of original paper: Exploring Encryption Algorithms and Network Protocols: A Comprehensive Survey of Threats and Vulnerabilities

Journal: IEEE Communications Surveys & Tutorials

DOI: 10.1109/COMST.2025.3526605

About Hanyang University ERICA

Hanyang University ERICA (Education Research Industry Cluster at Ansan) is a prominent research-focused campus established in 1979 in Ansan, South Korea. ERICA offers undergraduate and graduate programs. ERICA is renowned for its active industry-university cooperation, offering students hands-on experience through partnerships with various industries. This ensures that graduates are well-prepared to meet societal needs and excel in their respective fields. With state-of-the-art facilities and a supportive learning environment, Hanyang University ERICA empowers students to pursue their passions and contribute meaningfully to society, staying true to the university's founding philosophy of "Love in Deed and Truth."

Website: https://www.hanyang.ac.kr/web/eng/erica-campus1

About the authors

Jemin Ahn received his B.S. degree in Computer Science and Engineering from Hanyang University ERICA, Ansan, South Korea, in 2017, and his Ph.D. degree in Computer Science and Engineering from Hanyang University, Seoul, South Korea, in 2025. He is currently a Post-doctoral Research Associate at the Research Institute of AI Convergence, Hanyang University ERICA. His research interests lie at the intersection of cybersecurity and deep learning, with a focus on developing practical methods for detecting and preventing cyber threats. His recent work centers on leveraging natural language processing models to advance attack detection techniques.

Kyungtae Kang received his B.S. degree in Computer Science and Engineering in 1999, and his M.S. and Ph.D. degrees in Electrical Engineering and Computer Science in 2001 and 2007, respectively, from Seoul National University, Seoul, South Korea. From 2008 to 2010, he served as a postdoctoral research associate at the University of Illinois at Urbana-Champaign, IL, USA. In 2011, he joined the Department of Computer Science and Engineering at Hanyang University ERICA, South Korea, where he is currently a tenured professor in the Department of Artificial Intelligence. His research interests primarily focus on systems, including operating systems, mobile systems, distributed systems, and real-time embedded systems. His recent work explores the interdisciplinary field of cyber-physical systems.