Chain of Fools - An Exploration of Certificate Chain Validation Mishaps
Offered By: Black Hat via YouTube
Course Description
Overview
Explore the critical implications of poor cryptographic API design and insecure certificate chain validation implementations in this 48-minute Black Hat conference talk. Delve into how these vulnerabilities can be exploited and examine the widespread usage of APIs like Android SafetyNet in specific verticals. Learn valuable recommendations for both implementers and cryptographic API authors, including strategies for choosing misuse-resistant cryptographic APIs and handling misuse-prone cryptographic primitives. Gain insights from speakers James Barclay, Nick Mooney, and Olabode Anise as they uncover the potential pitfalls in certificate chain validation and propose solutions to enhance security in cryptographic implementations.
Syllabus
Chain of Fools: An Exploration of Certificate Chain Validation Mishaps
Taught by
Black Hat
Related Courses
Software as a Service: University of California, Berkeley via Coursera
Software Testing: University of Utah via Udacity
The Hardware/Software Interface: University of Washington via Coursera
Software Debugging: Saarland University via Udacity
Introduction to Systematic Program Design - Part 1: The University of British Columbia via Coursera