.NET Secure Coding Practices
AppSec-Labs Silver Sponsership
תאריך: 15 בספטמבר 2011
מרצה: ארז מטולה
Cryptography, when implemented properly, can solve many day-to-day security tasks such as confidentially, integrity, authentication, secure random number generation, and so on. But the problem is, too many things can go wrong…
In this presentation we'll examine some of the most common mistakes developers tend to do when dealing with crypto. During the presentation we'll examine the influence of mistakes such as failure to verify a certificate, replay attacks, client side encryption, crypto DoS, and so on.
In other words, we'll see how attackers can break crypto based mechanisms deployed in applications without breaking the crypto itself – but just going around them.
קישור: OWASP Israel 2011