Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

CTX - Eliminating BREACH with Context Hiding

Black Hat via YouTube

Overview

Explore a comprehensive analysis of the BREACH attack and its ongoing threat to web application security in this 46-minute Black Hat conference talk. Delve into the attack methodology, defense strategies, and the innovative CTX architecture designed to eliminate BREACH vulnerabilities. Learn about cross-compression examples, alignment issues, and permutations as presented by experts Aggelos Kiayias, Dimitris Karakostas, Dionysis Zindros, and Eva Sarafianou. Gain insights into the origins of the attack, secret management, and practical solutions for implementing context hiding. Discover key takeaways on improving web application security against compression-based attacks and explore open-source libraries and encodings that can help mitigate these risks.

Syllabus

Introduction
Crime
Roger
Attack Methodology
Attack Diagram
Defense
Origin
Secrets
Cross Compression Example
Cross Compression Solutions
Alignment
Example
Permutations
Comparison
Origins
Response Size
Response Size Diagram
CTX Architecture
How does it work
Open Source
Libraries
Encodings
Key takeaways
Questions

Taught by

Black Hat

Reviews

Start your review of CTX - Eliminating BREACH with Context Hiding

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.