Praktikum zur Hackertechnik - 26.10.2011 - Gregor KopfOct 27, 2011 von rubcast
Gregor Kopf - Recurity Labs GmbH
Gregor Kopf works at Recurity Labs GmbH, a Berlin based company specializing in the high end areas of system and code analysis. Gregor is experienced in source code audits, black box analysis and penetration testing. Furthermore, besides code audits and penetration tests, Gregor also performs software/system design work at Recurity Labs.
Abstract of the talk of Gregor Kopf - Recurity Labs GmbH
Over the years the identification and exploitation of high-level bugs has become more important. Especially cryptographic implementations can easily be affected by subtle bugs. This talk shows two examples of bugs in crypto related Web application code: one in a message authentication code implementation and one in the use of a random number generator, showing the effects of improper use of otherwise good cryptographic primitives. For the theoretically inclined, a part of the talk will be include a bit of math. For the more practical people, the full exploitation of the bugs will be shown. Interestingly, the two vulnerabilities are in code parts that have already been subject to review - underlining that those bugs are easily overlooked.
Zur Wiedergabe der Präsentation auf das folgende Bild klicken:
Gepostet in 2011/12 Wintersemester | RUBcast Public
Tags : Praktikum zur Hackertechnik