Rating is available when the video has been rented.
This feature is not available right now. Please try again later.
Streamed live on Jul 9, 2015
Between Logjam, FREAK, POODLE, and Heartbleed, TLS hasn't had a good year. TLS is the most commonly deployed cryptographic protocol, but is notoriously difficult to both implement and deploy, resulting in widespread security issues for many of the top services on the Internet. For the past three years, we've been working to improve the global state of TLS deployment through measurement-based approaches, including tracking the impact of Heartbleed and other vulnerabilities. Based on measurement data, we conducted one of the largest-ever mass vulnerability notification campaigns, discovered failures in how Diffie-Hellman has been deployed in practice, and uncovered the Logjam attack against TLS. In this talk, we'll briefly examine what TLS is and how it fails, and present the Logjam attack. We'll also discuss ZMap, the Internet-wide network scanner we use for our research, and show how ZMap helped lead to the discovery of Logjam.