Our editorial team has handpicked some great talks from Black Hat Conference - one of the largest IT Security Conference in the world. 

Black Hat - built by and for the global InfoSec community - returns to Las Vegas for its 21st year providing attendees with the very latest in research, development and trends. This six day event begins with four days of intense technical training for security practitioners of all levels (August 4-7) followed by the two-day main conference featuring Briefings, Business Hall, Arsenal, and more (August 8-9).

(Source: Black Hat Conference USA 2018)

8669822458?profile=original

1) Blockchain Autopsies - Analyzing Ethereum Smart Contract Deaths

Speaker: Jay Little

This presentation will introduce Ethereum smart contracts, explain how to reverse engineer binary-only contracts, describe common classes of vulnerabilities, and then show how to investigate attacks on contracts by demonstrating new tools that re-process blockchain ledger data, recreate contracts with state, and analyze suspect transactions using traces and heuristics.

>> Go To Presentation

8669823488?profile=original

2) Screaming Channels: When Electromagnetic Side Channels Meet Radio Transceivers

Speaker: Aurélien Francillon, Giovanni Camurati, Marius Muench, Sebastian Poeplau, Tom Hayes

In this talk, we show that although isolation of digital and analog components is sufficient for those chips to work, it's often insufficient for them to be used securely. This leads to novel side-channel attacks that can break cryptography implemented in mixed-design chips over potentially large distances. This is crucial as the encryption of wireless communications is essential to widely used wireless technologies, such as WiFi or Bluetooth, in which mixed-design circuits are prevalent on consumer devices.

>>Go To Presentation

8669822272?profile=original

3) A Tangled Curl: Attacks on the Curl-P Hash Function Leading to Signature Forgeries in the IOTA Signature Scheme

Speakers: Ethan Heilman, Neha Narula  

This talk presents attacks on the cryptography used in the cryptocurrency IOTA, developed practical differential cryptanalysis attacks on IOTA's cryptographic hash function Curl-P, allowing us to quickly generate short colliding messages of the same length. Finally, this talk shows that in a chosen message setting we can forge signatures on valid IOTA payments. This talk presents and demonstrates a practical attack (achievable in a few minutes) whereby an attacker could forge a signature on an IOTA payment, and potentially use this forged signature to steal funds from another IOTA user.

>>Go to Presentation


8669825871?profile=original

4) Efail: Breaking S/MIME and OpenPGP Email Encryption using Exfiltration Channels

Speaker: Christian Dresen, Jens Müller

OpenPGP and S/MIME are the two prime standards for providing end-to-end security for emails. From today's viewpoint this is surprising as both standards rely on outdated cryptographic primitives that were responsible for vulnerabilities in major cryptographic standards. The belief in email security is likely based on the fact that email is non-interactive and thus an attacker cannot directly exploit vulnerability types present in TLS, SSH, or IPsec. We show that this assumption is wrong.

>>Go To Presentation

8669826083?profile=original

 

5) Lowering the Bar: Deep Learning for Side Channel Analysis

Speaker: Baris Ege, Guilherme Perin,Jasper van Woudenberg

In this talk, We show we can break a lightly protected AES, an AES implementation with masking countermeasures and a protected ECC implementation and show a live demo of the attack in action. These experiments show that where previously side channel analysis had a large dependency on the skills of the human, first steps are being developed that bring down the attacker skill required for such attacks. This talk is targeted at a technical audience that is interested in latest developments on the intersection of deep learning, side channel analysis and security.

>>Go To Presentation

8669822687?profile=original

Your Complete Guide To Top Talks @Black Hat Conference 2018 (USA)

Get your FREE Guide on Top Talks @ Black Hat Conference 2018 (USA) . Our editorial team has gone through all the talks and handpicked the best of the best talks at Black hat Conference into a single guide. Get your Free copy today.

>>Click Here To Get Your FREE Guide

E-mail me when people leave their comments –

You need to be a member of CISO Platform to add comments!

Join CISO Platform

CISO Platform

A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.

Join CISO Community Share Your Knowledge (Post A Blog)