Real World Crypto 2021 - Session 1: Secure Channels
(no notes taken)
Raccoon attack talk interesting. Moral of the story: don’t strip leading zero bytes from the shared secret, because the length of the resulting value changes how much work the hash function does, which opens a timing side channel.
Like all TLS vulnerabilities it has its own website: raccoon-attack.com
There’s a scanning tool you may use to determine if your site is vulnerable: TLS-Scanner.
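To make the “don’t strip leading zeros” point concrete, here is an added example (mine, not from the talk or the Raccoon authors) that counts the SHA-256 compression calls HMAC spends pre-hashing a TLS 1.2-style premaster secret, comparing a minimal (zero-stripped) encoding with a fixed-width one; the modulus and secrets are constructed values.

```python
SHA256_BLOCK = 64          # SHA-256 processes 64-byte blocks
SHA256_PAD_MIN = 9         # 0x80 pad byte plus the 64-bit length field


def sha256_blocks(msg_len: int) -> int:
    """Number of SHA-256 compression-function calls needed to hash msg_len bytes."""
    return (msg_len + SHA256_PAD_MIN + SHA256_BLOCK - 1) // SHA256_BLOCK


def hmac_key_prehash_blocks(key_len: int) -> int:
    """HMAC pre-hashes any key longer than the block size; that work depends
    on the key length, which is where a variable-length premaster leaks."""
    return sha256_blocks(key_len) if key_len > SHA256_BLOCK else 0


def encode_stripped(shared: int, modulus: int) -> bytes:
    """TLS 1.2 style: minimal big-endian encoding, leading zero bytes dropped."""
    return shared.to_bytes(max(1, (shared.bit_length() + 7) // 8), "big")


def encode_fixed(shared: int, modulus: int) -> bytes:
    """TLS 1.3 style: always the byte length of the modulus, zeros kept."""
    return shared.to_bytes((modulus.bit_length() + 7) // 8, "big")


def prehash_work(shared: int, modulus: int, encode) -> int:
    """Compression calls spent on the premaster when it is used as the PRF's HMAC key."""
    return hmac_key_prehash_blocks(len(encode(shared, modulus)))


def work_profile(secrets, modulus: int, encode) -> set:
    """Set of distinct work counts over several secrets; a set of size 1 means
    the encoding is length-invariant and this particular leak is closed."""
    return {prehash_work(s, modulus, encode) for s in secrets}


# Constructed inputs: a 1024-bit group (128-byte secrets) and two shared secrets,
# one with no leading zero bytes and one with nine of them.
MODULUS = 2**1024 - 1
SECRET_FULL = 2**1023              # 128 significant bytes
SECRET_ZEROS = 2**(8 * 119) - 1    # 119 significant bytes, 9 leading zero bytes

if __name__ == "__main__":
    for name, enc in (("stripped", encode_stripped), ("fixed", encode_fixed)):
        print(name, work_profile([SECRET_FULL, SECRET_ZEROS], MODULUS, enc))
```

The stripped encoding crosses a block boundary once enough leading zeros are dropped, so the PRF runtime varies with the secret; the fixed-width encoding does the same work regardless.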
Several possible partitioning oracles were mentioned in the talk on recovering AEAD keys; one is JOSE. A partitioning attack is possible when a non-committing AEAD is used. It isn’t when a committing AEAD is used, but no standardized committing scheme exists yet.
KEMTLS experimentation was done with Cloudflare, who have extended the Go standard library TLS implementation (the KEMTLS branch of cloudflare/go).
Levchin Prize Winners
The Levchin Prize (funded by Max Levchin) is awarded every year at RWC to honour significant contributions to cryptography. Usually one is awarded to recognize a past achievement and the other one to a team responsible for something more current.