Completed
Anatomy of CVE-2014-3570
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Assessing and Exploiting BigNum Vulnerabilities
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 Outline
- 3 Motivation: break crypto, maybe?
- 4 Introduction to BigNum Arithmetic
- 5 Widely used implementations
- 6 Anatomy of CVE-2014-3570
- 7 OpenSSL's impact assessment (1/2)
- 8 Counterargument
- 9 GMP 5 mult bugs
- 10 The patch
- 11 Bug pattern: carry mispropagation
- 12 libgcrypt 1.6.0
- 13 Symbolic Execution Challenges
- 14 Galois' SAW
- 15 Alternative property-based bug hunting
- 16 Fuzzing
- 17 Conclusions
- 18 Bibliography