Brute force attacks!

Increasing resistance to brute force attacks (part 2)

This is a follow-up talk from the password storage talk given in June of 2013, which spoke about common password storage techniques and their flaws.

Part 2 will focus on the metrics surrounding the different approaches to storing passwords, including Hashes (SHA), Salted Hashes, and Adaptive One-Way Functions. The talk will examine the metrics to compute different password storage options from a developer's point of view as well as metrics to brute force the password from an attacker's point of view. The talk will discuss the cryptographic properties of current common password storage practices, but does not require a PhD in mathematics to understand the details.

Don't worry if you didn't catch Part 1, it isn’t a pre-requisite!

Bio

Dawn Carroll is currently a Senior Security Consultant for Cigital in Boston. She possesses a master's degree in Computer Science with a concentration in Security from Boston University. Prior to joining Cigital, she worked as a Department of Defense (DoD) contractor. Her favorite security task is pen-testing web apps, web services, and mobile apps.

LinkedIn. Dawn Carroll (https://www.linkedin.com/in/dawncarroll)

Tool of the month by Michael O'Leary (https://www.linkedin.com/pub/michael-o-leary/7/161/357)

Security considerations for new users of Google Glass

How to find us (https://www.meetup.com/boston-security-meetup/pages/how_to_find_us/)

Show Schedule

6:15 - 6:30: Pizza

6:30 - 6:35: Cybersecurity Opener by Akshat

6:35 - 6:45: Lulzy News by Lucy

6:50 - 7:50: Brute force attacks by Dawn

7:50 - 7:55: Tool of the month by Michael

8:00+ Craft beer @ Mead hall!