[langsec-discuss] Breaking X.509 cert validation with frankencerts

Andrew munin at mimisbrunnr.net
Sun Apr 6 18:30:14 UTC 2014


The observation in this paper seems to be a key idea behind a new DARPA program, “Mining and Understanding Software Enclaves” 

http://www.darpa.mil/Our_Work/I2O/Programs/Mining_and_Understanding_Software_Enclaves_(MUSE).aspx

The proposers day program slides make for some interesting reading after this paper! 

On Apr 6, 2014, at 2:14 PM, Will Sargent <will.sargent at gmail.com> wrote:

> It turns out that X.509 is sufficiently complex that you can fuzz certificates by stitching together seeds into a "frankencert" and use them to find holes in TLS implementations. They find 208 differences between implementations, including some nasty ones in MatrixSSL and GnuTLS.
> 
> https://www.cs.utexas.edu/~shmat/shmat_oak14.pdf
> 
> https://github.com/sumanj/frankencert
> 
> Will.
