Badkeys - Finding Weak Cryptographic Keys At Scale
Offered By: nullcon via YouTube
Course Description
Overview
Explore the world of cryptographic key vulnerabilities in this 39-minute conference talk from Nullcon Berlin. Discover "badkeys," a tool, web service, and API designed to check cryptographic keys for known weaknesses. Learn about various cryptographic vulnerabilities found in public keys used for SSH, TLS, and other protocols, including the 2008 Debian OpenSSL bug, ROCA vulnerability, and the 2021 keypair key generation vulnerability. Understand how access to large databases of cryptographic keys enables searching for vulnerabilities at scale. Gain insights into a previously theoretical vulnerability that allows easy calculation of private keys, discovered in live TLS certificates and IoT devices. Hear from security researcher and IT journalist Hanno Böck as he shares his expertise on TLS vulnerabilities and discusses the importance of identifying weak cryptographic keys in today's digital landscape.
Syllabus
Badkeys: Finding Weak Cryptographic Keys At Scale by Hanno Böck | Nullcon Berlin
Taught by
nullcon
Related Courses
Developing APIs with Google Cloud's Apigee API PlatformGoogle Cloud via Coursera Play by Play: Authenticating External App and Service Integrations with Salesforce
Pluralsight Introduction to Application Security Course (How To)
Treehouse API Security on Google Cloud's Apigee API Platform
Pluralsight Analyzing Network Protocols with Wireshark
Pluralsight