Designing Secure Protocols and Intercepting Secure Communication

Moxie Marlinspike

Register Now // jan 31 - feb 1


Attendees will walk away with everything they need to intercept several types of secure communication. Attendees will learn the fundamentals of how to design a secure protocol, and be armed with the knowledge of how to evaluate the security of and discover weaknesses in existing protocols.

This training will also cover tricks for attacking implementation vulnerabilities and holes in the glue between different protocols, which can allow for the interception of different types of secure traffic.

What You Will Learn:

This training is both theoretical and practical, both academic and hacker-foo. The first day covers the design of secure protocols in depth, leaving students with a thorough understanding of how secure protocols are modeled, how the building blocks of cryptography can be combined to result in something secure, and how to look at secure protocols that others publish (from SSH to SSL to Tor to encrypted web cookies) with a critical eye. Concepts that are often tossed around such as IND-CCA, the birthday paradox, and authenticated encryption will be covered in detail.

The second day covers clever tricks for manipulating implementation vulnerabilities and holes in the glue between secure protocols. Participants will be able to practice different types of man-in-the-middle attacks, and different techniques for getting in the middle.

Who Should Attend:

Anyone interested in designing or evaluating secure protocols, and anyone interested in tricks for intercepting secure communication -- as well as those seeking to defend their networks from these attacks. Some existing basic knowledge of internet protocols will be useful to attendees.

What to bring:

Students are required to bring a laptop with a Debian or Ubuntu Linux install (either native or in a VM) and a copy of VMWare as well.


Moxie Marlinspike is a fellow at the Institute For Disruptive Studies with over thirteen years of experience in attacking networks. He recently published the null-prefix attacks on X.509, the session-denial attacks against OCSP, and is the author of both sslsniff and sslstrip -- the former of which was used by the MD5 Hash Collision team to deploy their rogue CA cert, and the latter of which continues to implement Moxie's deadly "stripping" technique for rendering communication insecure. His tools have been featured in many publications including Hacking Exposed, Forbes Magazine, The Wall Street Journal, the New York Times, and Security Focus as well as on international TV.

Register Button

Super Early:
Ends Nov 15

Ends Dec 1

Ends Jan 30