A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:


Rethinking the Trust Chain: Auditing OpenSSL and Beyond - Kenneth White (Circle City Con 2015 Videose 2015) (Hacking Illustrated Series InfoSec Tutorial Videos)

Rethinking the Trust Chain: Auditing OpenSSL and Beyond
Kenneth White

Circle City Con 2015

In the aftermath of HeartBleed, the Linux Foundation commissioned the Open Crypto Audit Project to conduct a full independent security analysis of OpenSSL. This talk will present findings and recommendations of more than two dedicated months of engineering work. A technical primer will be given on SSL, TLS and Forward Secrecy, and the most common secure protocols in use today. In addition to the OpenSSL project, we will take a look back at the year in review and discuss specific initiatives and plans to reestablishing trust in the core infrastructure of the Internet.

Bio: Kenneth White is a security researcher whose work focuses on networks and global systems. White is Director of the Open Crypto Audit Project, currently managing a large-scale audit of OpenSSL on behalf of the Linux Foundation's Core Infrastructure Initiative. Previously he led the engineering team that designed and ran global operations and security for the largest clinical trial network in the world, with research centers in over 100 countries. White co-founded the CBX Group partnering with BAO Systems to provide security services to major organizations including World Health Organization, UNICEF, Doctors without Borders, and the US State Department. White holds a Masters from Harvard and is a PhD candidate in neuroscience and cognitive science. He serves on the US Department of Homeland Security's Software Security Assurance national working group, is a technical reviewer for the Software Engineering Institute, and publishes and speaks frequently on computational modeling, security engineering, and trust.

Back to Circle City Con 2015 Videos list

Printable version of this article

15 most recent posts on Irongeek.com:

If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast