Lessons from Trusting JavaScript Cryptography - Biting into the Forbidden Fruit
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore the controversial world of JavaScript cryptography in this 59-minute conference talk from AppSecEU 2014. Delve into the testing of high-profile crypto libraries, applications, and systems, uncovering hilarious bugs and security vulnerabilities. Compare these findings to issues in established cryptography implementations like OpenSSL and GnuPGP. Question long-held beliefs about JavaScript crypto's inherent insecurity and examine potential fixes. Gain insights into various attack vectors, including XSS, man-in-the-middle attacks, PRNGs, and timing side-channels. Leave with an updated, opinionated perspective on the state of JavaScript cryptography and its potential for security comparable to other implementations.
Syllabus
Krzysztof Kotowicz - Biting into the Forbidden Fruit. Lessons from Trusting JavaScript Crypto.
Taught by
OWASP Foundation
Related Courses
Internet History, Technology, and SecurityUniversity of Michigan via Coursera Client-Server Communication
Google via Udacity HTTP & Web Servers
Udacity Network Security
Georgia Institute of Technology via Udacity Web Security Fundamentals
KU Leuven University via edX