[langsec-discuss] Breaking X.509 cert validation with frankencerts

Meredith L. Patterson clonearmy at gmail.com
Sun Apr 6 18:26:41 UTC 2014

Oh, that's clever. I'd been headed down the symbolic-execution path for
X.509 parse tree differentials, but GA fuzzing bred from real-world certs
and synthetic cert parts is both hilarious and clearly effective. I wonder
if we should invite them for an afternoon presentation, if they'll be
around in time.


On Sun, Apr 6, 2014 at 8:14 PM, Will Sargent <will.sargent at gmail.com> wrote:

> It turns out that X.509 is sufficiently complex that you can fuzz
> certificates by stitching together seeds into a "frankencert" and use them
> to find holes in TLS implementations.  They find 208 differences in between
> implementations, including some nasty ones in MatrixSSL and GnuTLS.
> https://www.cs.utexas.edu/~shmat/shmat_oak14.pdf
> https://github.com/sumanj/frankencert
> Will.
> _______________________________________________
> langsec-discuss mailing list
> langsec-discuss at mail.langsec.org
> https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.langsec.org/pipermail/langsec-discuss/attachments/20140406/ebcd3371/attachment.html>

More information about the langsec-discuss mailing list