dragonfly handshake of
play

Dragonfly Handshake of WPA3 and EAP-pwd Mathy Vanhoef and Eyal - PowerPoint PPT Presentation

Jul 28, 2023 •194 likes •818 views

Dragonblood : Analyzing the Dragonfly Handshake of WPA3 and EAP-pwd Mathy Vanhoef and Eyal Ronen Real World Crypto, New York, 10 January 2020. Background: Wi-Fi Security 1999: Wired Equivalent Privacy (WEP) Broken in 2001 [FMS01] 2003:

  1. Dragonblood : Analyzing the Dragonfly Handshake of WPA3 and EAP-pwd Mathy Vanhoef and Eyal Ronen Real World Crypto, New York, 10 January 2020.

  2. Background: Wi-Fi Security › 1999: Wired Equivalent Privacy (WEP) Broken in 2001 [FMS01] › 2003: Wi-Fi Protected Access (WPA) › 2004: Wi-Fi Protected Access 2 (WPA2) Allows offline password brute-force KRACK and Kraken attack [VP][2017-8] 2

  3. Background: Dragonfly in WPA3 and EAP-pwd = Password Authenticated Key Exchange (PAKE) Negotiate Provide mutual session key authentication Prevent offline dictionary attacks 3

  4. Dragonfly Pick random 𝑠 𝐵 and 𝑛 𝐵 Pick random 𝑠 𝐶 and 𝑛 𝐶 𝑡 𝐵 = 𝑠 𝐵 + 𝑛 𝐵 mod 𝑟 𝑡 𝐶 = 𝑠 𝐶 + 𝑛 𝐶 mod 𝑟 𝐹 𝐵 = −𝑛 𝐵 ∙ 𝑄 𝐹 𝐶 = −𝑛 𝐶 ⋅ 𝑄 Convert password to group element P 4

  5. Dragonfly Pick random 𝑠 𝐵 and 𝑛 𝐵 Pick random 𝑠 𝐶 and 𝑛 𝐶 𝑡 𝐵 = 𝑠 𝐵 + 𝑛 𝐵 mod 𝑟 𝑡 𝐶 = 𝑠 𝐶 + 𝑛 𝐶 mod 𝑟 𝐹 𝐵 = −𝑛 𝐵 ∙ 𝑄 𝐹 𝐶 = −𝑛 𝐶 ⋅ 𝑄 Commit( 𝑡 𝐵 , 𝐹 𝐵 ) Commit( 𝑡 𝐶 , 𝐹 𝐶 ) Verify 𝑡 𝐶 and 𝐹 𝐶 Verify 𝑡 𝐵 and 𝐹 𝐵 𝐿 = 𝑠 𝐵 ⋅ 𝑡 𝐶 ∙ 𝑄 + 𝐹 𝐶 𝐿 = 𝑠 𝐶 ⋅ 𝑡 𝐵 ∙ 𝑄 + 𝐹 𝐵 𝜆 = Hash 𝐿 𝜆 = Hash 𝐿 𝑢𝑠 = 𝑡 𝐵 , 𝐹 𝐵 , 𝑡 𝐶 , 𝐹 𝐶 𝑢𝑠 = 𝑡 𝐶 , 𝐹 𝐶 , 𝑡 𝐵 , 𝐹 𝐵 𝑑 𝐵 = HMAC(𝜆, 𝑢𝑠) 𝑑 𝐶 = HMAC(𝜆, 𝑢𝑠) 5

  6. Dragonfly Pick random 𝑠 𝐵 and 𝑛 𝐵 Pick random 𝑠 𝐶 and 𝑛 𝐶 𝑡 𝐵 = 𝑠 𝐵 + 𝑛 𝐵 mod 𝑟 𝑡 𝐶 = 𝑠 𝐶 + 𝑛 𝐶 mod 𝑟 𝐹 𝐵 = −𝑛 𝐵 ∙ 𝑄 𝐹 𝐶 = −𝑛 𝐶 ⋅ 𝑄 Commit( 𝑡 𝐵 , 𝐹 𝐵 ) Negotiate shared key Commit( 𝑡 𝐶 , 𝐹 𝐶 ) Verify 𝑡 𝐶 and 𝐹 𝐶 Verify 𝑡 𝐵 and 𝐹 𝐵 𝐿 = 𝑠 𝐵 ⋅ 𝑡 𝐶 ∙ 𝑄 + 𝐹 𝐶 𝐿 = 𝑠 𝐶 ⋅ 𝑡 𝐵 ∙ 𝑄 + 𝐹 𝐵 𝜆 = Hash 𝐿 𝜆 = Hash 𝐿 𝑢𝑠 = 𝑡 𝐵 , 𝐹 𝐵 , 𝑡 𝐶 , 𝐹 𝐶 𝑢𝑠 = 𝑡 𝐶 , 𝐹 𝐶 , 𝑡 𝐵 , 𝐹 𝐵 𝑑 𝐵 = HMAC(𝜆, 𝑢𝑠) 𝑑 𝐶 = HMAC(𝜆, 𝑢𝑠) 6

  7. Dragonfly Verify 𝑡 𝐶 and 𝐹 𝐶 Verify 𝑡 𝐵 and 𝐹 𝐵 𝐿 = 𝑠 𝐵 ⋅ 𝑡 𝐶 ∙ 𝑄 + 𝐹 𝐶 𝐿 = 𝑠 𝐶 ⋅ 𝑡 𝐵 ∙ 𝑄 + 𝐹 𝐵 𝜆 = Hash 𝐿 𝜆 = Hash 𝐿 𝑢𝑠 = 𝑡 𝐵 , 𝐹 𝐵 , 𝑡 𝐶 , 𝐹 𝐶 𝑢𝑠 = 𝑡 𝐶 , 𝐹 𝐶 , 𝑡 𝐵 , 𝐹 𝐵 𝑑 𝐵 = HMAC(𝜆, 𝑢𝑠) 𝑑 𝐶 = HMAC(𝜆, 𝑢𝑠) Confirm( 𝑑 𝐵 ) Confirm( 𝑑 𝐶 ) Confirm peer negotiated same key 7

  8. Dragonfly Verify 𝑡 𝐶 and 𝐹 𝐶 Verify 𝑡 𝐵 and 𝐹 𝐵 𝐿 = 𝑠 𝐵 ⋅ 𝑡 𝐶 ∙ 𝑄 + 𝐹 𝐶 𝐿 = 𝑠 𝐶 ⋅ 𝑡 𝐵 ∙ 𝑄 + 𝐹 𝐵 𝜆 = Hash 𝐿 𝜆 = Hash 𝐿 𝑢𝑠 = 𝑡 𝐵 , 𝐹 𝐵 , 𝑡 𝐶 , 𝐹 𝐶 𝑢𝑠 = 𝑡 𝐶 , 𝐹 𝐶 , 𝑡 𝐵 , 𝐹 𝐵 How to derive P from a password? 𝑑 𝐵 = HMAC(𝜆, 𝑢𝑠) 𝑑 𝐶 = HMAC(𝜆, 𝑢𝑠) 1. MODP groups Confirm( 𝑑 𝐵 ) 2. Elliptic curves Confirm( 𝑑 𝐶 ) 8

  9. Dragonfly Verify 𝑡 𝐶 and 𝐹 𝐶 Verify 𝑡 𝐵 and 𝐹 𝐵 𝐿 = 𝑠 𝐵 ⋅ 𝑡 𝐶 ∙ 𝑄 + 𝐹 𝐶 𝐿 = 𝑠 𝐶 ⋅ 𝑡 𝐵 ∙ 𝑄 + 𝐹 𝐵 𝜆 = Hash 𝐿 𝜆 = Hash 𝐿 𝑢𝑠 = 𝑡 𝐵 , 𝐹 𝐵 , 𝑡 𝐶 , 𝐹 𝐶 𝑢𝑠 = 𝑡 𝐶 , 𝐹 𝐶 , 𝑡 𝐵 , 𝐹 𝐵 How to derive P from a password? 𝑑 𝐵 = HMAC(𝜆, 𝑢𝑠) 𝑑 𝐶 = HMAC(𝜆, 𝑢𝑠) 1. MODP groups Confirm( 𝑑 𝐵 ) 2. Elliptic curves Confirm( 𝑑 𝐶 ) 9

  10. Hash-to-curve: EAP-pwd for (counter = 1; counter < 40; counter++) x = hash(pw, addr1, addr2, counter) if x >= p: continue if square_root_exists(x) and not P: return (x, 𝑦 3 + 𝑏𝑦 + 𝑐 ) 10

  11. Hash-to-curve: EAP-pwd for (counter = 1; counter < 40; counter++) x = hash(pw, addr1, addr2, counter) if x >= p: continue if square_root_exists(x) and not P: return (x, 𝑦 3 + 𝑏𝑦 + 𝑐 ) Half of x values aren’t on the curve 11

  12. Hash-to-curve: EAP-pwd for (counter = 1; counter < 40; counter++) x = hash(pw, addr1, addr2, counter) if x >= p: continue if square_root_exists(x) and not P: return (x, 𝑦 3 + 𝑏𝑦 + 𝑐 ) 12

  13. Hash-to-curve: EAP-pwd for (counter = 1; counter < 40; counter++) x = hash(pw, addr1, addr2, counter) if x >= p: continue #iterations depends on password if square_root_exists(x) and not P: (and public MAC addresses) return (x, 𝑦 3 + 𝑏𝑦 + 𝑐 ) 13

  14. Hash-to-curve: EAP-pwd for (counter = 1; counter < 40; counter++) x = hash(pw, addr1, addr2, counter) if x >= p: continue #iterations depends on password if square_root_exists(x) and not P: (and public MAC addresses) return (x, 𝑦 3 + 𝑏𝑦 + 𝑐 ) No timing leak countermeasures, despite warnings by IETF & CFRG! 14

  15. Attacking Clients 15

  16. Attacking Access Points 16

  17. Leaked information: #iterations needed Client address addrA Measured 17

  18. Leaked information: #iterations needed Client address addrA Measured Password 1 Password 2 Password 3 18

  19. Leaked information: #iterations needed Client address addrA Measured Password 1 Password 2 Password 3 19

  20. What information is leaked? for (counter = 1; counter < 40; counter++) x = hash(pw, addr1, addr2, counter) if x >= p: continue Spoof client address to obtain if square_root_exists(x) and not P: different execution & leak new data return (x, 𝑦 3 + 𝑏𝑦 + 𝑐 ) 20

  21. Leaked information: #iterations needed Client address addrA addrB Measured Password 1 Password 2 Password 3 21

  22. Leaked information: #iterations needed Client address addrA addrB Measured Password 1 Password 2 Password 3 22

  23. Leaked information: #iterations needed Client address addrA addrB addrC Measured Password 1 Password 2 Password 3 23

  24. Leaked information: #iterations needed Client address addrA addrB addrC Measured Forms a signature of the password Password 1 Password 2 Need ~17 addresses to determine password in RockYou ( ~𝟐𝟏 𝟖 ) dump Password 3 24

  25. Raspberry Pi 1 B+: differences are measurable 25

  26. Raspberry Pi 1 B+: differences are measurable EAP-pwd client: ~30 measurements / address Using Crosby’s box test 26

  27. Hash-to-curve: EAP-pwd for (counter = 1; counter < 40; counter++) x = hash(pw, counter, addr1, addr2) if x >= p: continue if square_root_exists(x) and not P: return (x, 𝑦 3 + 𝑏𝑦 + 𝑐 ) 27

  28. Hash-to-curve: WPA3 for (counter = 1; counter < 40 ; counter++) x = hash(pw, counter, addr1, addr2) if x >= p: continue if square_root_exists(x) and not P : P = (x, 𝑦 3 + 𝑏𝑦 + 𝑐 ) pw = rand() WPA3: always do 40 return P loops & return first P 28

  29. Hash-to-curve: WPA3 for (counter = 1; counter < 40; counter++) x = hash(pw, counter, addr1, addr2) if x >= p: continue if square_root_exists(x) and not P: P = (x, 𝑦 3 + 𝑏𝑦 + 𝑐 ) Blinded constant time pw = rand() square root test return P 29

  30. Hash-to-curve: WPA3 for (counter = 1; counter < 40; counter++) x = hash(pw, counter, addr1, addr2) if x >= p: continue if square_root_exists(x) and not P: P = (x, 𝑦 3 + 𝑏𝑦 + 𝑐 ) pw = rand() return P Extra iterations based on random password 30

  31. Hash-to-curve: WPA3 for (counter = 1; counter < 40; counter++) x = hash(pw, counter, addr1, addr2) if x >= p: continue Truncate to size of prime p if square_root_exists(x) and not P: P = (x, 𝑦 3 + 𝑏𝑦 + 𝑐 ) pw = rand() return P 31

  32. Hash-to-curve: WPA3 for (counter = 1; counter < 40; counter++) x = hash(pw, counter, addr1, addr2) if x >= p: continue if square_root_exists(x) and not P: P = (x, 𝑦 3 + 𝑏𝑦 + 𝑐 ) Brainpool: 𝑞 = 0xA9FB57DBA1EEA9BC… pw = rand()  High chance that x >= p return P 32

  33. Hash-to-curve: WPA3 for (counter = 1; counter < 40; counter++) x = hash(pw, counter, addr1, addr2) if x >= p: continue = rejection sampling if square_root_exists(x) and not P: P = (x, 𝑦 3 + 𝑏𝑦 + 𝑐 ) pw = rand() return P 33

  34. Hash-to-curve: WPA3 for (counter = 1; counter < 40; counter++) x = hash(pw, counter, addr1, addr2) if x >= p: continue if square_root_exists(x) and not P: P = (x, 𝑦 3 + 𝑏𝑦 + 𝑐 ) pw = rand() return P Code may be skipped 34

  35. Hash-to-curve: WPA3 for (counter = 1; counter < 40; counter++) x = hash(pw, counter, addr1, addr2) if x >= p: continue if square_root_exists(x) and not P: P = (x, 𝑦 3 + 𝑏𝑦 + 𝑐 ) pw = rand() return P #Times skipped depends on password 35

  36. Hash-to-curve: WPA3 for (counter = 1; counter < 40; counter++) x = hash(pw, counter, addr1, addr2) if x >= p: continue if square_root_exists(x) and not P: P = (x, 𝑦 3 + 𝑏𝑦 + 𝑐 ) pw = rand() return P #Times skipped depends on password & random password in extra itreations 36

  37. Hash-to-curve: WPA3 for (counter = 1; counter < 40; counter++) x = hash(pw, counter, addr1, addr2) if x >= p: continue if square_root_exists(x) and not P: P = (x, 𝑦 3 + 𝑏𝑦 + 𝑐 ) pw = rand() return P Variance ~ when password element was found 37

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Dragonblood: Analyzing the Dragonfly Handshake of WPA3 and EAP-pwd Mathy Vanhoef and Eyal Ronen

Dragonblood: Analyzing the Dragonfly Handshake of WPA3 and EAP-pwd Mathy Vanhoef and Eyal Ronen

Dragonblood: Analyzing the Dragonfly Handshake of WPA3 and EAP-pwd Mathy Vanhoef and Eyal Ronen ANRW. Montreal, Canada, 22 July 2019. Background: Dragonfly in WPA3 = Password Authenticated Key Exchange (PAKE) Negotiate Provide mutual session

1.04k views • 45 slides
Dragonblood : Weaknesses in WPA3s Dragonfly Handshake Mathy Vanhoef and Eyal Ronen BruCON.

Dragonblood : Weaknesses in WPA3s Dragonfly Handshake Mathy Vanhoef and Eyal Ronen BruCON.

Dragonblood : Weaknesses in WPA3s Dragonfly Handshake Mathy Vanhoef and Eyal Ronen BruCON. Belgium, 11 October 2019. 2 Background: Dragonfly in WPA3 and EAP-pwd = Password Authenticated Key Exchange (PAKE) Negotiate Provide mutual

1.97k views • 56 slides
Dragonblood : Attacking the Dragonfly Handshake of WPA3 Mathy Vanhoef and Eyal Ronen Black Hat

Dragonblood : Attacking the Dragonfly Handshake of WPA3 Mathy Vanhoef and Eyal Ronen Black Hat

Dragonblood : Attacking the Dragonfly Handshake of WPA3 Mathy Vanhoef and Eyal Ronen Black Hat USA. Las Vegas, 7 August 2019. Background: Dragonfly in WPA3 and EAP-pwd = Password Authenticated Key Exchange (PAKE) Negotiate Provide mutual

532 views • 50 slides
Dragonfly Handshake of WPA3 and EAP-pwd Mathy Vanhoef and Eyal Ronen Background: Wi-Fi Security

Dragonfly Handshake of WPA3 and EAP-pwd Mathy Vanhoef and Eyal Ronen Background: Wi-Fi Security

Dragonblood : Analyzing the Dragonfly Handshake of WPA3 and EAP-pwd Mathy Vanhoef and Eyal Ronen Background: Wi-Fi Security 1999: Wired Equivalent Privacy (WEP) RC4 with 40 (!) or 104 bits key Broken in 2001 [FMS01] Deprecated 2004 2

1.58k views • 105 slides
Goals Understand use of Dragonfly from game Dragonfly programmers perspective Mostly,

Goals Understand use of Dragonfly from game Dragonfly programmers perspective Mostly,

2/7/2012 Goals Understand use of Dragonfly from game Dragonfly programmers perspective Mostly, Project 1 Provide overview of Dragonfly architecture Class diagrams Discuss details needed to fully implement Dragonfly classes

900 views • 42 slides
Dragonblood: A Security Analysis of WPA3s SAE Handshake Mathy Vanhoef and Eyal Ronen WAC

Dragonblood: A Security Analysis of WPA3s SAE Handshake Mathy Vanhoef and Eyal Ronen WAC

Dragonblood: A Security Analysis of WPA3s SAE Handshake Mathy Vanhoef and Eyal Ronen WAC Workshop @ CRYPTO, Santa Barbara, 17 August 2019. Background: Dragonfly in WPA3 and EAP-pwd = Password Authenticated Key Exchange (PAKE) Negotiate

1.04k views • 69 slides
Threads and DragonFly BSD Improving Thread Performance on DragonFly BSD Conduits for program

Threads and DragonFly BSD Improving Thread Performance on DragonFly BSD Conduits for program

Threads and DragonFly BSD Improving Thread Performance on DragonFly BSD Conduits for program execution Concurrency A property that allows several vessels of execution to be run without a predefined order. Parallelism A property that

625 views • 23 slides
Clockless IC Design using Handshake Technology Ad Peeters Handshake Solutions Philips

Clockless IC Design using Handshake Technology Ad Peeters Handshake Solutions Philips

Clockless IC Design using Handshake Technology Ad Peeters Handshake Solutions Philips Electronics Philips Semiconductors Philips Corporate Technologies Philips Medical Systems Lighting, ... Philips Research Philips IP &amp; Standards,

474 views • 26 slides
Create a Handshake Account 1. Log into go.ucr.edu/ucrhandshake with your UCR username and

Create a Handshake Account 1. Log into go.ucr.edu/ucrhandshake with your UCR username and

Create a Handshake Account 1. Log into go.ucr.edu/ucrhandshake with your UCR username and password. 2. Complete your UCR Handshake profile by adding your resume, photos, skills and more. Make your profile public to employers. 3. Click Jobs

551 views • 24 slides
Adaptive Routing in Dragonfly Networks Peyman Faizian , ShafayatRahman Scott Pakin AtiqulMollah,

Adaptive Routing in Dragonfly Networks Peyman Faizian , ShafayatRahman Scott Pakin AtiqulMollah,

Traffic Pattern-based C Adaptive Routing in Dragonfly Networks Peyman Faizian , ShafayatRahman Scott Pakin AtiqulMollah, Xin Yuan Mike Lang Florida State University Los Alamos National Laboratory Motivation Dragonfly has been known as a

491 views • 33 slides
On the Provable Security of the Dragonfly protocol Jean Lancrenon 1 Marjan krobot 1 1

On the Provable Security of the Dragonfly protocol Jean Lancrenon 1 Marjan krobot 1 1

PAKEs Dragonfly Results Conclusion On the Provable Security of the Dragonfly protocol Jean Lancrenon 1 Marjan krobot 1 1 Interdisciplinary Centre for Security, Reliability and Trust University of Luxembourg ISC 2015 1 / 18 PAKEs

915 views • 65 slides
Security Handshake Pitfalls Slide 1 Login with Shared Secret: Variant 1 B: R , A: K f R g ,

Security Handshake Pitfalls Slide 1 Login with Shared Secret: Variant 1 B: R , A: K f R g ,

handshake 1 Security Handshake Pitfalls Slide 1 Login with Shared Secret: Variant 1 B: R , A: K f R g , where K fg can be hash AB authentication not mutual connection hijacking off-line password attack compromise of database

424 views • 16 slides
Student Login Path: My Baker My Services Career Services Handshake

Student Login Path: My Baker My Services Career Services Handshake

Student Login Path: My Baker My Services Career Services Handshake Handshake (Single Sign-on) My Profile How do I edit my education information? Uploading Resume Click on your name towards the top right

551 views • 22 slides
Asynchronous circuit technology is on the market Overview Introduction Handshake

Asynchronous circuit technology is on the market Overview Introduction Handshake

Asynchronous circuit technology is on the market Overview Introduction Handshake Solutions Handshake Technology Counting asynchronous millionaires More metrics # trained people # competition # asynchronous

528 views • 36 slides
1 Description Mur Modeling Prior to 4-way handshake, we assume:

1 Description Mur Modeling Prior to 4-way handshake, we assume:

Scenario: 802.11 Analysis of 4-way handshake protocol in IEEE 802.11i Wired Network Changhua He Stanford University Security ! Mar. 04, 2004 An example of a 802.11 wireless local area network History of Security Concerns Terms

285 views • 3 slides
Dragonfly June 2012 IndieCrews Photo??? Paperclip https:/ /github.com/thoughtbot/paperclip

Dragonfly June 2012 IndieCrews Photo??? Paperclip https:/ /github.com/thoughtbot/paperclip

Dragonfly June 2012 IndieCrews Photo??? Paperclip https:/ /github.com/thoughtbot/paperclip Dinosaur / Dragon ? Dragonfly CarrierWave Anyone? GitHub stats CarrierWave - 3046 watchers, 390 forks Paperclip - 4294 watchers, 877 forks

658 views • 22 slides
Insecurity of Voice Solution VoLTE in LTE Mobile Networks Chi-Yu Li 1 , Guan-Hua Tu 1 , Chunyi

Insecurity of Voice Solution VoLTE in LTE Mobile Networks Chi-Yu Li 1 , Guan-Hua Tu 1 , Chunyi

Insecurity of Voice Solution VoLTE in LTE Mobile Networks Chi-Yu Li 1 , Guan-Hua Tu 1 , Chunyi Peng 2 , Zengwen Yuan 1 , Yuanjie Li 1 , Songwu Lu 1 , Xinbing Wang 3 1: University of California, Los Angeles; 2: The Ohio State University; 3:

534 views • 32 slides
Automated Detection of Guessing and Denial of Service Attacks in Security Protocols Marius Minea

Automated Detection of Guessing and Denial of Service Attacks in Security Protocols Marius Minea

Automated Detection of Guessing and Denial of Service Attacks in Security Protocols Marius Minea Politehnica University of Timi soara CMACS seminar, CMU, 18 March 2010 In this talk Formalizing attacks on protocols denial of service by

732 views • 45 slides
Security Concepts Deian Stefan Slides adopted from Kirill Levchenko and Stefan Savage Computer

Security Concepts Deian Stefan Slides adopted from Kirill Levchenko and Stefan Savage Computer

CSE 127: Computer Security Security Concepts Deian Stefan Slides adopted from Kirill Levchenko and Stefan Savage Computer Security Analysis and protection of computer systems in an adversarial setting What is an adversary? An adversary

373 views • 33 slides
Using A Cost-Based Framework For Analyzing Denial Of Service Presented By: Joan Paul A

Using A Cost-Based Framework For Analyzing Denial Of Service Presented By: Joan Paul A

Using A Cost-Based Framework For Analyzing Denial Of Service Presented By: Joan Paul A Cost-Based Framework for Analysis of Denial of Service in Networks Catherine Meadows (2001) Analyzing DoS-Resistance of Protocols Using a

287 views • 28 slides
Welcome! The Webinar will Begin Shortly To Hear Audio To choose your audio connecon, click

Welcome! The Webinar will Begin Shortly To Hear Audio To choose your audio connecon, click

Welcome! The Webinar will Begin Shortly To Hear Audio To choose your audio connecon, click on the phone icon at the boom of the screen There is NO hold music, so you will not hear anything until the webinar begins. Slides/Materials

767 views • 60 slides
Network Time Protocol (NTP) server client Aanchal Malhotra Isaac E. Cohen, Erik Brakke Sharon

Network Time Protocol (NTP) server client Aanchal Malhotra Isaac E. Cohen, Erik Brakke Sharon

NDSS, 2016 Attacking the Network Time Protocol (NTP) server client Aanchal Malhotra Isaac E. Cohen, Erik Brakke Sharon Goldberg Outline of the talk Background How does NTP work? How does NTP client take time? Our attacks

497 views • 16 slides
NetFence: Preventing Internet Denial of Service from Inside Out Xiaowei Yang (Duke University)

NetFence: Preventing Internet Denial of Service from Inside Out Xiaowei Yang (Duke University)

NetFence: Preventing Internet Denial of Service from Inside Out Xiaowei Yang (Duke University) with Xin Liu (Duke University) Yong Xia (NEC Labs China) Sigcomm 2010 Delhi, India DoS is a Formidable Threat Distributed attacks: many

1.46k views • 130 slides
hopecc.com/slides &amp; hopecc.com/notes This weeks message: The Problem of Evil

hopecc.com/slides &amp; hopecc.com/notes This weeks message: The Problem of Evil

To listen to previous messages in this or any series: hopecc.com/messages For this weeks, go to hopecc.com/slides &amp; hopecc.com/notes This weeks message: The Problem of Evil hopecc.com/slides &amp; hopecc.com/notes ... The

578 views • 46 slides

More recommend