Hacker Halted: Moxie Marlinspike on SSL Authenticity

Tuesday, November 01, 2011

Moxie Marlinspike, co-founder of Whisper Systems, discusses Convergence - an alternative to digital certificates and the increasingly untrustworthy certificate authorities.

Moxie is a fellow at the Institute For Disruptive Studies, and runs a cloud-based password cracking service, among his many varied interests.

"I like computer security, particularly areas around secure protocols, cryptography, privacy, and anonymity. I have to admit that I'm more inspired by software engineers who become interested in computer security, rather than the other way around," Moxie states in his bio at http://thoughtcrime.org.

Presentation Abstract:

"SSL And The Future Of Authenticity: In the early 90's, at the dawn of the World Wide Web, some engineers at Netscape developed a protocol for making secure HTTP requests, and what they came up with was called SSL. Given the relatively scarce body of knowledge concerning secure protocols at the time, as well the intense pressure that everyone at Netscape was working under, their efforts can only be seen as incredibly heroic. But while it's amazing that SSL has endured for as long as it has, some parts of it -- particularly those concerning Certificate Authorities -- have always caused some friction, and have more recently started to cause real problems."

"This talk will provide an in-depth examination of the current problems with authenticity in SSL, discuss some of the recent high-profile SSL infrastructure attacks in detail, and cover some strategies to definitively fix the disintegrating trust relationships at the core of this fundamental protocol."

Infosec Island was proud to be a media sponsor for the Hacker Halted Miami event.


Bio information via Corporate site and/or LinkedIn 

Possibly Related Articles:
Service Provider
Encryption SSL Infosec Island Digital Certificates Information Security Infosec EC-Council Hacker Halted Conference Certificate Authority Convergence Trust Agility Moxie Marlinspike
Post Rating I Like this!