Chain of Fools: An Exploration of Certificate Chain Validation Mishaps

16 Jan 2020 48:02 3
1,479
Black Hat Download
18 0

By James Barclay, Nick Mooney and Olabode Anise

In this talk, we explore the implications of poor cryptographic API design, how insecure certificate chain validation implementations can be exploited, and how widespread usage of APIs like Android SafetyNet are in certain verticals. We also propose recommendations for both implementers and cryptographic API authors, like choosing misuse-resistant cryptographic APIs and what to do when faced with misuse-prone cryptographic primitives.

Full Abstract & Presentation Materials: https://www.blackhat.com/eu-19/briefings/schedule/#chain-of-fools-an-exploration-of-certificate-chain-validation-mishaps-17516

Related of "Chain of Fools: An Exploration of Certificate Chain Validation Mishaps" Videos