goto fail;

Legend has it, the first iteration of the Secure Sockets Layer (SSL) protocol was broken in ten minutes by Phillip Hallam-Baker and Alan Schiffman during a presentation by Marc Andreesen at MIT in 1994. In the following two decades the protocol has been improved and the implementations have been strengthened, but not without a steady stream of implementation vulnerabilities and protocol design errors. From the ciphersuite rollback attack to LogJam, SSL/TLS has seen a diverse set of problems. In this talk we’ll discuss the pitfalls in designing and implementing a cryptographic protocol and lessons learned from TLS up to version 1.2.

Press mentions:
https://www.feistyduck.com/bulletproof-tls-newsletter/issue11_sloth_and_curveswap.html

Role
Speaker
For
32c3
Date
December 28, 2015
Type
Talk
URL
www.youtube.com/watch?v=oovK9YkJ8Co