Study the weaknesses of WPA-TKIP encryption and get up to speed on the most secure cryptographic APIs at Black Hat Europe.
When Black Hat Europe returns to London this December it brings with it a smorgasbord of practical cybersecurity tools and teachings, including a bunch of great Cryptography Briefings that aim to give you an edge when it comes to implementing (or cracking) encryption.
Practical Side-Channel Attacks Against WPA-TKIP promises to show you some new tricks for attacking WPA-TKIP Wi-Fi network encryption, an outdated standard now that the Wi-Fi Alliance has released the more secure WPA3 protocol. However, researchers will show you WPA-TKIP is still being used on over 40 percent of the Wi-Fi networks they tested across the U.S., Germany, and Belgium. Expect to walk away with a much better understanding of the flaws in WPA-TKIP, and how to analyze and exploit them in your own work.
And in Chain of Fools: An Exploration of Certificate Chain Validation Mishaps the folks at Duo Security will walk you through the implications of poor cryptographic API design, how insecure certificate chain validation implementations can be exploited, and how widespread usage of APIs like Android SafetyNet are in certain verticals. You'll also get some useful advice for both implementers and cryptographic API authors, like how to choose misuse-resistant cryptographic APIs and what to do when faced with misuse-prone cryptographic primitives.
Get more information on these and lots of other useful content in the Briefings schedule for Black Hat Europe, which returns to The Excel in London December 2-5, 2019! For more information on what’s happening at the event and how to register, check out the Black Hat website.