|
ИСТИНА |
Войти в систему Регистрация |
ИСТИНА ЦЭМИ РАН |
||
You Can Be Anything You Want To Be: Bypassing "Certified" Crypto in Banking Appsстатья
- Авторы: Noseevich G., Petukhov A., Gamayunov D.
- Журнал: HITB Magazine
- Номер: 10
- Год издания: 2014
- Первая страница: 9
- Последняя страница: 15
- Аннотация: It’s no surprise that typical hacker’s professional path hits against custom crypto protocols from time to time. There’re lots of application-specific crypto-hardened protocols written from scratch which could be found in banking, SCADA, and other types of not-so-common hardware and software systems. Here we propose a methodology for cracking such systems using top-down approach with GOST-hardened banking application as an example. We show how easy it is sometimes to break complex crypto because of developers having broken or inconsistent knowledge of modern application level protocols.
- Добавил в систему: Гамаюнов Денис Юрьевич