Hunting Invisible Salamanders: Cryptographic (in)Security with Attacker-Controlled Keys

Deploying new cryptography often means using existing building blocks in new ways. A prime example is authenticated encryption (AE). Until recently, AE schem...

Hunting Invisible Salamanders: Cryptographic (in)Security with Attacker-Controlled Keys
Black Hat
1.0K views โ€ข Feb 26, 2021
Hunting Invisible Salamanders: Cryptographic (in)Security with Attacker-Controlled Keys

About this video

Deploying new cryptography often means using existing building blocks in new ways. A prime example is authenticated encryption (AE). Until recently, AE schemes like Galois/Counter Mode (GCM) were mostly used in settings where key exchange first established a hidden, random encryption key (think TLS or IPSec). Increasingly, though, schemes like GCM are also being used in settings where the attacker knows, or can guess, the key. This attack setting is the subject of my talk. It is aimed at security professionals who design, implement, and deploy cryptography, but will be accessible to a general security audience.

By Paul Grubbs

Full Abstract & Presentation Materials: https://www.blackhat.com/us-20/briefings/schedule/#hunting-invisible-salamanders-cryptographic-insecurity-with-attacker-controlled-keys-20864

Video Information

Views

1.0K

Likes

11

Duration

30:30

Published

Feb 26, 2021

User Reviews

4.2
(1)
Rate:

Related Trending Topics

LIVE TRENDS

Related trending topics. Click any trend to explore more videos.

No specific trending topics match this video yet.

Explore All Trends