Public key certificates are becoming more and more prevalent in software. These certificates are used in more places than just protecting web connections over HTTPS. They are used for authentication, trust, identification and secret trading within apps, behind firewalls and even between services. But, these black magic cryptography tools are only as secure as the code that implements them! Come see how bad practices, designs and testing habits can leave systems vulnerable and prone to exploitation!

Bio: Robert Lucero is a physics major turned software developer. He has eight years of software development experience working on various projects at Microsoft and more recently at a smaller company in San Francisco. There’s other stuff on his LinkedIn profile, but he’ll probably tell you more over a beer.

Back to BSides Las Vegas 2014 video list