In this talk we show how to detect and abuse logical flaws in implementations of this handshake.Our goal is not to detect common programming errors such as buffer overflows or double frees, but to detect logical vulnerabilities.

By Mathy Vanhoef

Full Abstract & Presentation Materials: https://www.blackhat.com/us-17/briefi...