POSITIVE HACK DAYS



ORGANIZER

Tech


Download the full program in PDF.

Misuse of "Secure" Protocols and Their Exploitation

Author: Vladimir Dubrovin

It’s a common situation when protocols designed for information protection are used without understanding their purpose, specification and limits. This results in serious flaws, which at best make the protection useless, and in worst case scenarios bring new, much more serious security problems. The talk will cover cases of protocol misuse, both well-known (related to SSL/TLS and Onion Routing) and previously unexamined. The speaker will demonstrate new attack vectors and expose several 0-day vulnerabilities (in Google, Yandex, and Mail.ru).

  • Language
  • English

Vladimir Dubrovin (aka 3ARA3A) is a graduate of the Lobachevsky State University of Nizhni Novgorod (Department of Computing Mathematics and Cybernetics), the editor of securityvulns.ru and developer of 3proxy.

Vladimir Dubrovin Vladimir Dubrovin

Back to the list