Let's Dance in the Cache - Destabilizing Hash Table on Microsoft IIS
Offered By: Black Hat via YouTube
Course Description
Overview
Explore a critical security vulnerability in Microsoft IIS's implementation of hash tables in this 43-minute Black Hat conference talk. Delve into the architecture of hash tables, a fundamental data structure in computer science, and understand their susceptibility to collision attacks. Examine Microsoft's 25-year-old dynamic hashing algorithm, designed to mitigate these issues but potentially introducing new vulnerabilities. Presented by Orange Tsai, this talk scrutinizes Microsoft's design choices in IIS, the widely-used web server, and their implications for data storage throughout the HTTP stack. Gain insights into the potential weaknesses of this ubiquitous data structure and its implementation in a major software platform.
Syllabus
Let's Dance in the Cache - Destabilizing Hash Table on Microsoft IIS
Taught by
Black Hat
Related Courses
On the Practical - In-Security of 64-bit Block Ciphers - Collision Attacks on HTTP over TLS and OpenVPNAssociation for Computing Machinery (ACM) via YouTube How We Created the First SHA-1 Collision and What it Means for Hash Security
Black Hat via YouTube Machine Learning and Side-Channel Analysis - Part 2
TheIACR via YouTube Hash Function Cryptanalysis - Session 14
TheIACR via YouTube Collisions and Semi Free Start Collisions for Round Reduced RIPEMD 160
TheIACR via YouTube