Overview
Explore the intricacies of BigNum vulnerabilities in cryptography implementations during this 49-minute Black Hat conference talk. Delve into the implications of bugs in multi-precision integer arithmetic and their potential for exploitation in asymmetric cryptographic primitives. Learn about bug patterns, exploitation requirements, and strategies for automated bug hunting. Examine case studies including CVE-2014-3570 in OpenSSL, GMP 5 multiplication bugs, and issues in libgcrypt 1.6.0. Discuss challenges in symbolic execution, alternative property-based bug hunting methods, and fuzzing techniques. Gain insights into assessing and exploiting these vulnerabilities to enhance cryptographic security.
Syllabus
Intro
Outline
Motivation: break crypto, maybe?
Introduction to BigNum Arithmetic
Widely used implementations
Anatomy of CVE-2014-3570
OpenSSL's impact assessment (1/2)
Counterargument
GMP 5 mult bugs
The patch
Bug pattern: carry mispropagation
libgcrypt 1.6.0
Symbolic Execution Challenges
Galois' SAW
Alternative property-based bug hunting
Fuzzing
Conclusions
Bibliography
Taught by
Black Hat