Free courses from frontend to fullstack and AI
AI Engineer - Learn how to integrate AI into software applications
Overview
Build a Learning Habit
Download Class Central's free printable study calendar
Download for Free
Explore the critical implications of poor cryptographic API design and insecure certificate chain validation implementations in this 48-minute Black Hat conference talk. Delve into how these vulnerabilities can be exploited and examine the widespread usage of APIs like Android SafetyNet in specific verticals. Learn valuable recommendations for both implementers and cryptographic API authors, including strategies for choosing misuse-resistant cryptographic APIs and handling misuse-prone cryptographic primitives. Gain insights from speakers James Barclay, Nick Mooney, and Olabode Anise as they uncover the potential pitfalls in certificate chain validation and propose solutions to enhance security in cryptographic implementations.
Syllabus
Chain of Fools: An Exploration of Certificate Chain Validation Mishaps
Taught by
Black Hat