Explore the technical intricacies of TLS 1.3's 0-RTT feature and its associated security risks in this 36-minute Black Hat conference talk. Witness real-world replay attacks against TLS 1.3 libraries and browsers through Proof of Concepts demonstrations. Gain insights into potential solutions and mitigation controls to prevent these attacks when deploying software using TLS 1.3-supported libraries. Presented by Alejo Murillo and Alfonso Garcia Alguacil, this informative session equips developers and security professionals with essential knowledge to enhance their understanding of TLS 1.3 vulnerabilities and protective measures.
Overview
Syllabus
Playback: A TLS 1.3 Story
Taught by
Black Hat
Related Courses
-
What's New in TLS 1.3
-
Automated Analysis and Verification of TLS 1.3 - 0-RTT, Resumption and Delayed Authentication
-
Multiple Handshakes Security of TLS 1.3 Candidates
-
Verified Models and Reference Implementations for the TLS 1.3 Standard Candidate
-
Implementing and Proving the TLS 1.3 Record Layer
-
Protecting TLS from Legacy Crypto
