Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
Innehåll tillhandahållet av Black Hat / CMP and Jeff Moss. Allt poddinnehåll inklusive avsnitt, grafik och podcastbeskrivningar laddas upp och tillhandahålls direkt av Black Hat / CMP and Jeff Moss eller deras podcastplattformspartner. Om du tror att någon använder ditt upphovsrättsskyddade verk utan din tillåtelse kan du följa processen som beskrivs här https://sv.player.fm/legal.
Player FM - Podcast-app
Gå offline med appen Player FM !
Gå offline med appen Player FM !
Alexander Kornbrust: Circumvent Oracle's Database Encryption and Reverse Engineering of Oracle Key Management Algorithms
MP3•Episod hem
Manage episode 155121484 series 1146744
Innehåll tillhandahållet av Black Hat / CMP and Jeff Moss. Allt poddinnehåll inklusive avsnitt, grafik och podcastbeskrivningar laddas upp och tillhandahålls direkt av Black Hat / CMP and Jeff Moss eller deras podcastplattformspartner. Om du tror att någon använder ditt upphovsrättsskyddade verk utan din tillåtelse kan du följa processen som beskrivs här https://sv.player.fm/legal.
This talk describes architecture flaws of the Oracle's database encryption packages dbms_crypto and dbms_obfuscation_toolkit. These encryption packages are used to encrypt sensitive information in the database. A hacker can intercept the encryption key and use this key to decrypt sensitive information like clinical data, company secrets or credit card information. Even if a flexible key management algorithm (every row has his own key) is in use it is possible to reverse engineer this algorithm quite fast. A basic knowledge of Oracle databases (PL/SQL) is recommended. Alexander Kornbrust is the founder and CEO of Red-Database-Security GmbH, a company specialised in Oracle security. He is responsible for Oracle security audits and Oracle Anti-hacker trainings. Before that he worked several years for Oracle Germany, Oracle Switzerland and IBM Global Services as consultant. Alexander Kornbrust is working with Oracle products as DBA and developer since 1992. During the last 5 years found over 100 security bugs in different Oracle products. Publications and further information can be found at: http://www.red-database-security.com
…
continue reading
61 episoder
Alexander Kornbrust: Circumvent Oracle's Database Encryption and Reverse Engineering of Oracle Key Management Algorithms
Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference
MP3•Episod hem
Manage episode 155121484 series 1146744
Innehåll tillhandahållet av Black Hat / CMP and Jeff Moss. Allt poddinnehåll inklusive avsnitt, grafik och podcastbeskrivningar laddas upp och tillhandahålls direkt av Black Hat / CMP and Jeff Moss eller deras podcastplattformspartner. Om du tror att någon använder ditt upphovsrättsskyddade verk utan din tillåtelse kan du följa processen som beskrivs här https://sv.player.fm/legal.
This talk describes architecture flaws of the Oracle's database encryption packages dbms_crypto and dbms_obfuscation_toolkit. These encryption packages are used to encrypt sensitive information in the database. A hacker can intercept the encryption key and use this key to decrypt sensitive information like clinical data, company secrets or credit card information. Even if a flexible key management algorithm (every row has his own key) is in use it is possible to reverse engineer this algorithm quite fast. A basic knowledge of Oracle databases (PL/SQL) is recommended. Alexander Kornbrust is the founder and CEO of Red-Database-Security GmbH, a company specialised in Oracle security. He is responsible for Oracle security audits and Oracle Anti-hacker trainings. Before that he worked several years for Oracle Germany, Oracle Switzerland and IBM Global Services as consultant. Alexander Kornbrust is working with Oracle products as DBA and developer since 1992. During the last 5 years found over 100 security bugs in different Oracle products. Publications and further information can be found at: http://www.red-database-security.com
…
continue reading
61 episoder
Усі епізоди
×Välkommen till Player FM
Player FM scannar webben för högkvalitativa podcasts för dig att njuta av nu direkt. Den är den bästa podcast-appen och den fungerar med Android, Iphone och webben. Bli medlem för att synka prenumerationer mellan enheter.