Oh, that's clever. I'd been headed down the symbolic-execution path for X.509 parse tree differentials, but GA fuzzing bred from real-world certs and synthetic cert parts is both hilarious and clearly effective. I wonder if we should invite them for an afternoon presentation, if they'll be around in time.
Cheers,
--mlp

On Sun, Apr 6, 2014 at 8:14 PM, Will Sargent <[email protected]> wrote:
> It turns out that X.509 is sufficiently complex that you can fuzz
> certificates by stitching together seeds into a "frankencert" and use them
> to find holes in TLS implementations. They find 208 differences between
> implementations, including some nasty ones in MatrixSSL and GnuTLS.
>
> https://www.cs.utexas.edu/~shmat/shmat_oak14.pdf
>
> https://github.com/sumanj/frankencert
>
> Will.
>
> _______________________________________________
> langsec-discuss mailing list
> [email protected]
> https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss
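As an added illustration of the recipe the thread describes (a sketch written for this page, not code from the paper or from the sumanj/frankencert repository): parse seed certificates at the DER level, stitch a new certificate out of randomly chosen fields and a random subset of all seeds' extensions, then run every candidate through several validators and keep the ones they disagree on. Everything here is an assumption of the example rather than something the thread states: the two seeds are synthetic DER built inline with a tiny TLV codec, the OIDs are pre-encoded constants and `OID_PRIVATE` (1.3.6.1.4.1.1.1) is a made-up private extension, the random flip of the critical bit is an extra mutation added here, and the two "validators" are toy policy checkers that stand in for real TLS libraries, differing only on RFC 5280's rule that an unrecognised critical extension must be rejected.

```python
# Frankencert-style differential testing of X.509 parsers, in miniature.
# Added illustration, not code from the paper or the sumanj/frankencert repo:
# seeds are synthetic DER certs built inline; validators are toy checkers.
import random

SEQ, SET, BOOL, INT, BIT, OCT, OID, PRINT, UTC = (
    0x30, 0x31, 0x01, 0x02, 0x03, 0x04, 0x06, 0x13, 0x17)

# Minimal DER (TLV) codec: single-byte tags, definite lengths only.
def der_len(n):
    if n < 0x80:
        return bytes([n])
    b = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(b)]) + b

def der_parse(buf):
    """Decode DER into nodes: (tag, [children]) if constructed, else (tag, bytes)."""
    items, i = [], 0
    while i < len(buf):
        tag, n, i = buf[i], buf[i + 1], i + 2
        if n & 0x80:                                   # long-form length
            k = n & 0x7F
            n, i = int.from_bytes(buf[i:i + k], "big"), i + k
        if i + n > len(buf):
            raise ValueError("truncated DER element")
        body, i = buf[i:i + n], i + n
        items.append((tag, der_parse(body) if tag & 0x20 else body))
    return items

def der_encode(node):
    tag, body = node
    if tag & 0x20:
        body = b"".join(der_encode(c) for c in body)
    return bytes([tag]) + der_len(len(body)) + body

# Pre-encoded OIDs; OID_PRIVATE (1.3.6.1.4.1.1.1) is a hypothetical extension.
OID_SHA256RSA = b"\x2a\x86\x48\x86\xf7\x0d\x01\x01\x0b"
OID_RSA = b"\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01"
OID_CN, OID_BASIC, OID_KU, OID_SAN = b"\x55\x04\x03", b"\x55\x1d\x13", b"\x55\x1d\x0f", b"\x55\x1d\x11"
OID_PRIVATE = b"\x2b\x06\x01\x04\x01\x01\x01"
KNOWN_EXTS = {OID_BASIC, OID_KU, OID_SAN}

def seq(*kids):
    return (SEQ, list(kids))
def name(cn):                      # Name ::= SEQUENCE OF SET OF AttributeTypeAndValue
    return seq((SET, [seq((OID, OID_CN), (PRINT, cn))]))
def extension(oid, critical, value):   # Extension ::= SEQUENCE { OID, [critical BOOLEAN], OCTET STRING }
    return seq((OID, oid), *([(BOOL, b"\xff")] if critical else []), (OCT, value))

def make_cert(serial, cn, exts):
    tbs = seq((0xA0, [(INT, b"\x02")]),                # [0] version: v3
              (INT, serial), seq((OID, OID_SHA256RSA)),
              name(b"Frankencert Test CA"),
              seq((UTC, b"140101000000Z"), (UTC, b"240101000000Z")),
              name(cn),
              seq(seq((OID, OID_RSA)), (BIT, b"\x00\x30\x03\x02\x01\x03")),  # toy SPKI
              (0xA3, [(SEQ, exts)]))                   # [3] extensions
    return der_encode(seq(tbs, seq((OID, OID_SHA256RSA)), (BIT, b"\x00" + b"\xaa" * 16)))

SEEDS = [  # constructed seed pool: one leaf, one CA carrying an unknown critical extension
    make_cert(b"\x01", b"leaf.example", [extension(OID_BASIC, True, b"\x30\x00"),
                                         extension(OID_KU, True, b"\x03\x02\x05\xa0"),
                                         extension(OID_SAN, False, b"\x30\x0e\x82\x0cleaf.example")]),
    make_cert(b"\x02", b"ca.example", [extension(OID_BASIC, True, b"\x30\x03\x01\x01\xff"),
                                       extension(OID_PRIVATE, True, b"\x04\x02\x13\x37")]),
]

def frankencert(rng, seeds):
    """Stitch a cert together: every top-level TBS field comes from a random
    seed, the extension list is a random subset of all seeds' extensions, and
    each chosen extension's critical bit is flipped with probability 1/4
    (that flip is an extra mutation added in this example)."""
    trees = [der_parse(s)[0] for s in seeds]
    fields = [rng.choice(trees)[1][0][1][i] for i in range(len(trees[0][1][0][1]))]
    pool = [e for t in trees for e in t[1][0][1][-1][1][0][1]]
    exts = []
    for oid, *rest in (e[1] for e in pool if rng.random() < 0.5):
        critical = (len(rest) == 2) != (rng.random() < 0.25)   # XOR: flip 1 in 4
        exts.append(extension(oid[1], critical, rest[-1][1]))
    fields[-1] = (0xA3, [(SEQ, exts)])
    donor = rng.choice(trees)                          # signatureAlgorithm + signature
    return der_encode(seq((SEQ, fields), donor[1][1], donor[1][2]))

def extensions_of(cert_der):
    tbs = der_parse(cert_der)[0][1][0]
    return next((f[1][0][1] for f in tbs[1] if f[0] == 0xA3), [])

def validate_strict(cert_der):
    """RFC 5280 s4.2: a critical extension the verifier doesn't recognise is fatal."""
    return all(not (len(kids) == 3 and kids[0][1] not in KNOWN_EXTS)
               for _, kids in extensions_of(cert_der))

def validate_lenient(cert_der):
    extensions_of(cert_der)        # parses the extensions, never consults the critical bit
    return True

def find_differentials(seeds, validators, iterations=50, rng_seed=1):
    """Feed each frankencert to every validator; return the disagreements."""
    rng, diffs = random.Random(rng_seed), []
    for _ in range(iterations):
        cert = frankencert(rng, seeds)
        verdicts = {n: v(cert) for n, v in validators.items()}
        if len(set(verdicts.values())) > 1:
            diffs.append((cert, verdicts))
    return diffs
```

The two toy validators are the only part that has no counterpart in real use; the harness itself is the interesting bit, and in practice each entry in the `validators` dict would be a wrapper that writes the DER to disk and shells out to a real implementation (`openssl verify`, GnuTLS `certtool --verify`, and so on), with the disagreements triaged by hand afterwards.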
