MFA-ing the Un-MFA-ble - Protecting Auth Systems' Core Secrets

MFA-ing the Un-MFA-ble - Protecting Auth Systems' Core Secrets

Black Hat via YouTube Direct link

Hardware based solution

16 of 27

16 of 27

Hardware based solution

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

MFA-ing the Un-MFA-ble - Protecting Auth Systems' Core Secrets

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 black hat USA 2021
  3. 3 SunBurst: Breach of the year
  4. 4 SunBurst APT
  5. 5 Persistence: APT VS. APT
  6. 6 Persistence in practice
  7. 7 What is SAML
  8. 8 Service Provider (SP)
  9. 9 Identity Provider (IP)
  10. 10 SAML token example
  11. 11 Back to Service Provider
  12. 12 SAML is all about decoupling
  13. 13 Golden SAML: In high level
  14. 14 Problem definition
  15. 15 MFA as a good solution reference
  16. 16 Hardware based solution
  17. 17 HSM for SAML: Scorecard
  18. 18 What if we can have multiple signers?
  19. 19 Threshold Signature Scheme (TSS)
  20. 20 Tribute to Dan Kaminsky
  21. 21 EC-DLP as a billiards game
  22. 22 Distributed EC-DLP: Doubles' billiards game
  23. 23 Threshold Signatures (TSS): 1 becomes 2
  24. 24 TSS SAML flow: In high level
  25. 25 TSS for SAML: Scorecard
  26. 26 Demo Architecture - Setup Phase
  27. 27 Demo Architecture - Signing Phase

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.