HTTPS Can Byte Me
- Type
- Paper
- Tags
- SSL, web, X.509
- Authors
- Josh Sokol, Robert 'Rsnake' Hansen
- Event
- Black Hat USA 2010
- Indexed on
- Mar 27, 2013
- URL
- https://media.blackhat.com/bh-us-10/whitepapers/Hansen_Sokol/Blackhat-USA-2010-Hansen-Sokol-HTTPS-Can-Byte-Me-wp.pdf
- File name
- Blackhat-USA-2010-Hansen-Sokol-HTTPS-Can-Byte-Me-wp.pdf
- File size
- 202.5 KB
- MD5
- 5754d3d8f5b9eaee6cf444e3bcae1fa0
- SHA1
- 801c57df3b4e89127699063ccb66e0ce4ecc055b
HTTPS was created to protect confidentiality and prove integrity of content passed over the web. It has essentially become the de-facto standard for internet commerce transport security. Over the years a number of exploits have attacked the principle, underlying PKI infrastructure and overall design of HTTPS. This presentation will drive another nail in the HTTPS coffin through a number of new exploitation techniques leveraging man-in-the-middle attacks; the goal of which is to break confidentiality and integrity of HTTPS traffic. The impact of these flaws suggests a need for changes in the ways we protect the transmission of data online.
About us
Secdocs is a project aimed to index high-quality IT security and hacking documents. These are fetched from multiple data sources: events, conferences and generally from interwebs.
Statistics
Serving 8166 documents and 531.0 GB of hacking knowledge, indexed from 2419 authors from 163 security conferences.
Contribute
To support this site and keep it alive, you can click on the buttons below. Any help is really appreciated! This service is provided for free, but real money is needed to pay bills.
