Loading…
This event has ended. Create your own event → Check it out
This event has ended. Create your own
View analytic
Thursday, May 12 • 4:40pm - 5:30pm
Proxying Sensitive TLS Operations in Open Source - Susan Hinrichs & Dave Thompson, Yahoo

Sign up or log in to save this to your schedule and see who's attending!

The private key is the linchpin to web server authentication. If an attacker gains the private key to yahoo.com, he can set up another server that will authenticate without error as yahoo.com. In a content delivery network, the private key must be distributed to all Edge devices, creating a bigger attack surface. In this presentation, Susan and Dave describe how they augmented Apache Traffic Server using openssl engines to work with a CryptoProxy server hosted in a more secure location. They analyze the costs and benefits and show that not only does a CryptoProxy solution increase security but it also improves performance in many cases. While their solution uses Apache Traffic Server similar techniques could be used for other network servers.

Speakers
avatar for Susan Hinrichs

Susan Hinrichs

Technical Yahoo, Yahoo
Susan Hinrichs is a member of Yahoo’s Edge team. Susan is a committer and PMC member on Apache Traffic Server where she has implemented TLS extensions and state machine fixes. She earned a PhD in CS from Carnegie Mellon and worked on security policy at Cisco Systems. Susan spent 8 years teaching computer and network security at the University of Illinois at Urbana-Champaign.



Thursday May 12, 2016 4:40pm - 5:30pm
Plaza B

Attendees (24)