This course aims to teach learners how to protect authentication systems' core secrets by exploring the vulnerabilities associated with compromised credentials and the importance of implementing Multi-Factor Authentication (MFA). Participants will gain an understanding of SAML, the concepts of Service Provider and Identity Provider, and the use of Golden SAML to prevent single points of failure. The course covers topics such as hardware-based solutions, Threshold Signature Scheme (TSS), and Distributed EC-DLP for enhancing security measures. The teaching method includes theoretical explanations, practical examples, and a demo architecture to illustrate the implementation phases. This course is designed for cybersecurity professionals, IT administrators, and individuals interested in enhancing their knowledge of authentication system security.
MFA-ing the Un-MFA-ble - Protecting Auth Systems' Core Secrets
Overview
Syllabus
Intro
black hat USA 2021
SunBurst: Breach of the year
SunBurst APT
Persistence: APT VS. APT
Persistence in practice
What is SAML
Service Provider (SP)
Identity Provider (IP)
SAML token example
Back to Service Provider
SAML is all about decoupling
Golden SAML: In high level
Problem definition
MFA as a good solution reference
Hardware based solution
HSM for SAML: Scorecard
What if we can have multiple signers?
Threshold Signature Scheme (TSS)
Tribute to Dan Kaminsky
EC-DLP as a billiards game
Distributed EC-DLP: Doubles' billiards game
Threshold Signatures (TSS): 1 becomes 2
TSS SAML flow: In high level
TSS for SAML: Scorecard
Demo Architecture - Setup Phase
Demo Architecture - Signing Phase
Taught by
Black Hat
