Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Let's Attack Let's Encrypt

Black Hat via YouTube

Overview

Explore a critical analysis of Let's Encrypt's distributed domain validation system in this 29-minute Black Hat conference talk. Delve into the vulnerabilities exposed by recent off-path attacks against PKI and examine how Let's Encrypt's 2020 implementation of multi-vantage point domain validation aimed to counter on-path MitM adversaries. Uncover two central design flaws that render the system susceptible to downgrade attacks, as presented by security researcher Haya Shulman. Gain insights into the complexities of PKI security and the ongoing challenges in maintaining robust domain validation processes.

Syllabus

Let's Attack Let's Encrypt

Taught by

Black Hat

Reviews

Start your review of Let's Attack Let's Encrypt

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.