RSA is one of the most commonly used algorithm for providing confidentiality, integrity and authenticity of digital information. RSA is used to secure web traffic up to TLS 1.2. Today, web servers have a certificate which protects the traffic between a web server and a client. This certificate contains a public key of 1024, 2048 or 4096-bits. But what will happen when the key material of the certificate is not correctly generated? Are you still sure that traffic is protected and cannot be compromised? I show you one of the different ways on how a private key of a certificate can be ‘recovered’ when you only have access to the public key (certificate) of the web server.
This is a technical session, all code is developed by the presenter and demonstrated using VM’s.
Johan Loos is a security researcher, security specialist and privacy professional with interest in the area of IT security, information security, privacy and cryptography. I am passionate about technology and evangelize security to organizations to take security seriously by implementing security and privacy by design principles.
1 CPE
Johan Loos is a security researcher, security specialist and privacy professional with interest in the area of IT security, information security, privacy and cryptography. I am passionate about technology and evangelize security to organizations to take security seriously by implementing security and privacy by design principles.
Bereikbaar tijdens kantoor uren Chicago, Illinois USA (bijv. voor lidmaatschapsvragen, wachtwoord resetten, e-mailadres aanpassingen, CPE, etc.)
We gebruiken functionele en analytische cookies om ervoor te zorgen dat de website optimaal presteert. Als u doorgaat met het gebruik van deze site, gaan we ervan uit dat u hiermee akkoord gaat. Meer informatie vindt u in onze Privacyverklaring.
