YoVDO

Let's Dance in the Cache - Destabilizing Hash Table on Microsoft IIS

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Cybersecurity Courses Software Architecture Courses Collision Attacks Courses

Course Description

Overview

Explore a critical security vulnerability in Microsoft IIS's implementation of hash tables in this 43-minute Black Hat conference talk. Delve into the architecture of hash tables, a fundamental data structure in computer science, and understand their susceptibility to collision attacks. Examine Microsoft's 25-year-old dynamic hashing algorithm, designed to mitigate these issues but potentially introducing new vulnerabilities. Presented by Orange Tsai, this talk scrutinizes Microsoft's design choices in IIS, the widely-used web server, and their implications for data storage throughout the HTTP stack. Gain insights into the potential weaknesses of this ubiquitous data structure and its implementation in a major software platform.

Syllabus

Let's Dance in the Cache - Destabilizing Hash Table on Microsoft IIS


Taught by

Black Hat

Related Courses

On the Practical - In-Security of 64-bit Block Ciphers - Collision Attacks on HTTP over TLS and OpenVPN
Association for Computing Machinery (ACM) via YouTube
How We Created the First SHA-1 Collision and What it Means for Hash Security
Black Hat via YouTube
Machine Learning and Side-Channel Analysis - Part 2
TheIACR via YouTube
Hash Function Cryptanalysis - Session 14
TheIACR via YouTube
Collisions and Semi Free Start Collisions for Round Reduced RIPEMD 160
TheIACR via YouTube