|
Thursday, 3 April 2008
Glasgow East-117
1500-1550
Abstract: The public Internet and many private enterprise and infrastructure networks have used dual key (a/k/a public key) cryptography for over a decade. So-called "Public Key Infrastructure" systems are at the core of the modern Internet. Many of the engineering decisions developed when PKI's were first being deployed have been forgotten and today's implementations are at risk for a variety of reasons. This presentation will discuss attack strategies against PKI processes, infrastructure components, and implementations which use TLS and other cryptographic protocols which include digital certificate processing. Attack strategies, significant reconnaissance findings, and viable attacks against currently fielded software will be presented. The intention of this presentation is to present awareness of new classes of (crypto-related) attacks and to foster a discussion about how to test and validate certificate/PKI implementations from a security perspective.
Speaker Bio: Rodney Thayer is a private network security consultant in Mountain View, California. His practice includes exploit analysis, architecting secure networks, and cryptography. His background is in the development and deployment of network security devices, having participated in the development of various implementations of IPsec, SSL (TLS), and digital certificate systems. He has also worked in the area of security network management.
|
