Explore the critical implications of poor cryptographic API design and insecure certificate chain validation implementations in this 48-minute Black Hat conference talk. Delve into how these vulnerabilities can be exploited and examine the widespread usage of APIs like Android SafetyNet in specific verticals. Learn valuable recommendations for both implementers and cryptographic API authors, including strategies for choosing misuse-resistant cryptographic APIs and handling misuse-prone cryptographic primitives. Gain insights from speakers James Barclay, Nick Mooney, and Olabode Anise as they uncover the potential pitfalls in certificate chain validation and propose solutions to enhance security in cryptographic implementations.
Chain of Fools - An Exploration of Certificate Chain Validation Mishaps
Overview
Syllabus
Chain of Fools: An Exploration of Certificate Chain Validation Mishaps
Taught by
Black Hat
Related Courses
-
ARMOR: A Formally Verified Implementation of X.509 Certificate Chain Validation - 2024
-
Automatic Exploitation of TLS Certificate Validation Vulnerabilities
-
A SSLippery Slope - Unraveling the Hidden Dangers of Certificate Misuse
-
SymCerts - Practical Symbolic Execution for Exposing Noncompliance in X.509 Certificate Validation
-
Supply Chain Infections and the Future of Contactless Deliveries
-
When Security Gets in the Way - Pen Testing Apps That Use Certificate Pinning
