ALPACA - Application Layer Protocol Confusion - Analyzing and Mitigating Cracks in TLS Authentication
Offered By: Black Hat via YouTube
Course Description
Overview
Explore the vulnerabilities in TLS authentication through this 44-minute Black Hat conference talk. Delve into the concept of Application Layer Protocol Confusion (ALPACA) and its potential for man-in-the-middle attacks on TLS traffic. Learn how attackers can exploit the lack of binding between TCP connections and intended application layer protocols to redirect TLS traffic to different service endpoints. Gain insights from security researchers Marcus Brinkmann and Juraj Somorovsky as they analyze and discuss mitigation strategies for these cracks in TLS authentication across various protocols such as HTTP, SMTP, IMAP, POP3, and FTP.
Syllabus
ALPACA: Application Layer Protocol Confusion - Analyzing and Mitigating Cracks in TLS Authentication
Taught by
Black Hat
Related Courses
Attack on Titan M, Reloaded - Vulnerability Research on a Modern Security ChipBlack Hat via YouTube Attacks From a New Front Door in 4G & 5G Mobile Networks
Black Hat via YouTube AAD Joined Machines - The New Lateral Movement
Black Hat via YouTube Better Privacy Through Offense - How to Build a Privacy Red Team
Black Hat via YouTube Whip the Whisperer - Simulating Side Channel Leakage
Black Hat via YouTube