Description: http://data.proidea.org.pl/confidence/9edycja/materialy/prezentacje/GregorKopf.pdf Over the years the identification and exploitation of high-level bugs has become more important. Especially cryptographic implementations can easily be affected by subtle bugs. This talk shows two examples of bugs in crypto related code: one in a message authentication code implementation and one in the use of a random number generator, showing the effects of improper use of otherwise good cryptographic primitives. For the theoretically inclined, a part of the talk will be include a bit of math. For the more practical people, the full exploitation of the bugs will be shown. Interestingly, the two vulnerabilities are in code parts that have already been subject to review - underlining that those bugs are easily overlooked.
Tags: securitytube , Confidence , hacking , hackers , information security , convention , computer security , Confidence 11 , Confidence-2011 ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.