Version v0.4

workshop: Keys to the kingdom

a hacker's guide to cryptographic key container formats


Cryptographic keys are interesting creatures in the memory, but sooner or later, they have to be serialized on some storage device. But as xkcd 927 taught us, we have way many standards for this, and most tools and humans only know/accept a subset of these. This talk will try to help hackers understand the differences along with the similarities that help them convert from any format to the desired one.

The following formats will certainly be part of the talk:

  • ASN.1, DER and PEM

  • X.509 and X.400

  • PKCS12

  • Java Keystores: JKS and BKS

    • Also, the following questions will certainly be answered:

      • How is the certificate fingerprint calculated?

      • How is the HPKP fingerprint calculated?

      • How can I bypass certificate pinning for the purposes of reverse engineering?


Day: 2017-07-07
Start time: 17:00
Duration: 01:00
Room: Klapka
Track: /r/netsec



Concurrent events