Erez Yalon

Workshop Title:

Predictable Failures – The cryptographic mistakes you make

Abstract:

Whether we are aware of it or not, cryptography is being used every day. From the green padlock on the top left corner of our browser window, via username/password forms and to the RFID smart card we use for payments. However, what happens when we need to take crypto into our own hands and try to implement or use it correctly? In this workshop, aimed at beginners and intermediate participants, we will lay the foundation of cryptography best practices, talk about the mistakes that cause cryptographic vulnerabilities, give examples of such vulnerabilities and show how to perform some basic cryptanalysis to find vulnerabilities and exploit weakly implemented crypto schemes – from decrypting credit card numbers to breaking passwords.

Bio

Erez Yalon heads the security research group at Checkmarx. With vast defender and attacker experience and as an independent security researcher, he brings invaluable knowledge and skills to the table. Erez is responsible for maintaining Checkmarx’s top notch vulnerability detection technology where his previous development experience with a variety of coding languages comes into play.

Presented at:
OWASP AppSec Israel 2016
University of Minho 2016
OWASP AppSec Europe 2016