YoVDO

Badkeys - Finding Weak Cryptographic Keys At Scale

Offered By: nullcon via YouTube

Tags

nullcon Courses Cybersecurity Courses Cryptography Courses TLS Courses SSH Courses Cryptographic Vulnerabilities Courses

Course Description

Overview

Explore the world of cryptographic key vulnerabilities in this 39-minute conference talk from Nullcon Berlin. Discover "badkeys," a tool, web service, and API designed to check cryptographic keys for known weaknesses. Learn about various cryptographic vulnerabilities found in public keys used for SSH, TLS, and other protocols, including the 2008 Debian OpenSSL bug, ROCA vulnerability, and the 2021 keypair key generation vulnerability. Understand how access to large databases of cryptographic keys enables searching for vulnerabilities at scale. Gain insights into a previously theoretical vulnerability that allows easy calculation of private keys, discovered in live TLS certificates and IoT devices. Hear from security researcher and IT journalist Hanno Böck as he shares his expertise on TLS vulnerabilities and discusses the importance of identifying weak cryptographic keys in today's digital landscape.

Syllabus

Badkeys: Finding Weak Cryptographic Keys At Scale by Hanno Böck | Nullcon Berlin


Taught by

nullcon

Related Courses

Developing APIs with Google Cloud's Apigee API Platform
Google Cloud via Coursera
Play by Play: Authenticating External App and Service Integrations with Salesforce
Pluralsight
Introduction to Application Security Course (How To)
Treehouse
API Security on Google Cloud's Apigee API Platform
Pluralsight
Analyzing Network Protocols with Wireshark
Pluralsight