Explore a critical security vulnerability in Microsoft IIS's implementation of hash tables in this 43-minute Black Hat conference talk. Delve into the architecture of hash tables, a fundamental data structure in computer science, and understand their susceptibility to collision attacks. Examine Microsoft's 25-year-old dynamic hashing algorithm, designed to mitigate these issues but potentially introducing new vulnerabilities. Presented by Orange Tsai, this talk scrutinizes Microsoft's design choices in IIS, the widely-used web server, and their implications for data storage throughout the HTTP stack. Gain insights into the potential weaknesses of this ubiquitous data structure and its implementation in a major software platform.
Overview
Syllabus
Let's Dance in the Cache - Destabilizing Hash Table on Microsoft IIS
Taught by
Black Hat