Regular registration rate closes May 31, 2007. Register now to save your
seat and save some dough!

Black Hat Registration:
https://blackhat.com/html/bh-registration/bh-registration.html#USA



Side Channel Analysis and Countermeasures with Riscure
Url: https://blackhat.com/html/bh-usa-07/train-bh-us-07-jdh.html

Course offered: July 28-29 (Weekend) & July 30-31 (Weekday)
Course Length: Two days.

Overview: Side channel analysis is a technique to discover secrets such
as cryptographic keys and PINs from hardware and embedded software. This
is achieved by listening to and understanding the information that
(hardware) channels emit when processing information. This course
provides an understanding of the possibilities and impact of side
channel analysis and explains how you can protect against it through a
hands-on approach. Besides the necessary side channel theory, students
will perform exercises themselves in which they will, for instance,
break a DES key through power analysis. Further, in another exercise,
each student is challenged to devise their own countermeasures and the
effect of these is analyzed via a live data acquisition and analysis on
the code using side channel analysis equipment.

For a long time, Side Channel Analysis (SCA) terms such as Differential
Power Analysis (DPA), Timing attacks and Electro Magnetic Analysis (EMA)
have had the air of mythical powers to break any crypto system and
reveal every secret in a system. This course provides a practical
introduction into the world of side channel analysis. It shows the
basics and allows students to understand and experience what it means to
break a system with these types of attacks. At the same time this course
explores the countermeasures that are available to developers. Using
these, the side channel attack resistance of software on smart cards and
embedded systems will significantly improve. We examine source code
implementations on weaknesses and provide hands-on exercises to improve
these implementations. This will allow the student to develop a feel for
the possibilities and limitations for software-based countermeasures
against such attacks.



Building and Testing Secure Web Applications with Aspect Security.
Url: https://blackhat.com/html/bh-usa-07/train-bh-us-07-as_btswa.html

Course offered: July 28-29 (Weekend) & July 30-31 (Weekday)
Course Length: Two days.

Training developers and software testers in application security offers
one of the highest returns on investment of any security investment by
eliminating vulnerabilities at the source. Aspect's Building and Testing
Secure Web Applications training raises developer awareness of
application security issues and provides examples of 'what to do' and
'what not to do.' The class is lead by an experienced application
security practitioner and is delivered in a very interactive manner.

This class includes hands-on exercises where the students get to perform
security analysis and testing on a live web application. This specially
designed environment includes deliberate flaws the students have to find
and diagnose. Students gain hands-on experience using freely available
web application security test tools to find and diagnose flaws and learn
to avoid them in their own code.

Ver todos los episodios