Let's Attack Let's Encrypt
Offered By: Black Hat via YouTube
Course Description
Overview
Explore a critical analysis of Let's Encrypt's distributed domain validation system in this 29-minute Black Hat conference talk. Delve into the vulnerabilities exposed by recent off-path attacks against PKI and examine how Let's Encrypt's 2020 implementation of multi-vantage point domain validation aimed to counter on-path MitM adversaries. Uncover two central design flaws that render the system susceptible to downgrade attacks, as presented by security researcher Haya Shulman. Gain insights into the complexities of PKI security and the ongoing challenges in maintaining robust domain validation processes.
Syllabus
Let's Attack Let's Encrypt
Taught by
Black Hat
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network