The main purpose of Transport Layer Security (TLS) is to transmit
data in a secure and confidential way over an unsecured network.
It is the de-facto standard for secured communication in the
This workshop explains the technical background of the cryptographic algorithms used in TLS as well as the existing attacks in a profound but understandable and practical way. TLS supports asymmetric cryptographic algorithms for the authentication of the communicating parties and the secure key-exchange between them. If the algorithms are poorly chosen already this first phase of establishing a secured communication channel can be attacked.
The concepts of Perfect Forward Secrecy and Elliptic Curve Cryptography are presented and explained in this context.
The exchanged keys are used for the symmetric encryption of the secure data exchange, which follows in a second phase. Even with securely exchanged keys a number of realistic attacks on the encrypted data exchange exist. Recent examples are BEAST, CRIME, BREACH and the Padding Oracle Attack Lucky 13.
The workshop explains the mentioned attacks and presents strategies to prevent them. The active participation of students is appreciated. A virtual work-environment will be provided for each student containing all necessary files and tools to participate in the live hands-on exercises.
This workshop will to provide a profound knowledge and understanding of the algorithms used in TLS in order to circumvent the known pitfalls and weaknesses.
Structure: Presentation, Interactive case studies, Exercises with Notebooks
Required Skills: Basic knowledge of network technologies and cryptography, Linux User Basics
Maximal number of participants: 20
Martin Ortner is a full-time security enthusiast that
joined Barracuda Networks AG in 2011 as a Software Developer
Quality Assurance. In his role he’s allowed to do what he likes
best: appreciating the hard work spent creating network security
products by taking apart hard- and software in order to make sure
the quality goals are met.
Prior to joining Barracuda Networks AG, Martin graduated with a master’s degree from the department of Secure Information Systems at the University of Applied Sciences Upper Austria. During these years Martin worked with worldwide leading companies in the industrial sector focusing on computer emergency response coordination, penetration testing and holding security awareness workshops in order to open eyes for the beauty and constraints of software development.
Being an independent security researcher for more than ten years with a passion for reverse engineering and the art of exploitation Martin actively searches for security relevant defects in order to disclose them.
Dr. Gregor Koenig professional focus lies on the research
and development of secure communication and safety-critical
systems and their application in different fields.
Since 2013 Dr. Koenig is with Barracuda Networks AG and develops products for secure internet communication. This involves the design and development of Linux kernel modules for the Barracuda NG Firewall and the management of international projects in the same technical field.
Before joining Barracuda Networks Dr. Koenig was a scientist at the Austrian Institute of Technology in the field of bio-signal processing for medical devices and also worked on other safety-critical aspects of medical products. During these four years Dr. Koenig wrote his PhD thesis at the Medical University of Vienna and was a lecturer at the Technical University of Vienna.
Previously he worked for Frequentis AG in the research and development of safety-critical communication systems for air-traffic security. During these years he was able to acquire valuable experience with professional software design and development.