Thursday, May 5, 2011

Man In Remote (or PKCS#11 redirection)

I found a paper from the "Hackito Ergo Sum" 2011 security conference called:
" Man In Remote,
Remotely using the Spanish National Electronic ID,
by Gabriel Gonzalez Garcia "

The paper describes a man in the middle attack by adding a network redirection at the PKCS#11 API level.

Gabriel talked about his paper on his blog Man In Remote and the source code is available online at github.

Flattr this