The observation in this paper seems to be a key idea behind a new DARPA program, “Mining and Understanding Software Enclaves”
http://www.darpa.mil/Our_Work/I2O/Programs/Mining_and_Understanding_Software_Enclaves_(MUSE).aspx The proposers day program slides make for some interesting reading after this paper! On Apr 6, 2014, at 2:14 PM, Will Sargent <[email protected]> wrote: > It turns out that X.509 is sufficiently complex that you can fuzz > certificates by stitching together seeds into a "frankencert" and use them to > find holes in TLS implementations. They find 208 differences in between > implementations, including some nasty ones in MatrixSSL and GnuTLS. > > https://www.cs.utexas.edu/~shmat/shmat_oak14.pdf > > https://github.com/sumanj/frankencert > > Will. > _______________________________________________ > langsec-discuss mailing list > [email protected] > https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss
_______________________________________________ langsec-discuss mailing list [email protected] https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss
