2017 IEEE Symposium on Security and Privacy (SP) 2017
DOI: 10.1109/sp.2017.40
|View full text |Cite
|
Sign up to set email alerts
|

SymCerts: Practical Symbolic Execution for Exposing Noncompliance in X.509 Certificate Validation Implementations

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
3
2

Citation Types

1
21
0

Year Published

2018
2018
2024
2024

Publication Types

Select...
3
2
1

Relationship

1
5

Authors

Journals

citations
Cited by 42 publications
(22 citation statements)
references
References 47 publications
1
21
0
Order By: Relevance
“…As explained in previous work [15], inputs like X.509 certificates that are DER-encoded ASN.1 objects, can be viewed as a tree of {Tag, Length, Value} triplets, where the length of Value bytes is explicitly given. Hence, if all the Tag and Length are fixed to concrete values, the positions of where Value begins and ends in a test input buffer would also be fixed.…”
Section: Symbolic Execution With Meta-level Searchmentioning
confidence: 99%
See 4 more Smart Citations
“…As explained in previous work [15], inputs like X.509 certificates that are DER-encoded ASN.1 objects, can be viewed as a tree of {Tag, Length, Value} triplets, where the length of Value bytes is explicitly given. Hence, if all the Tag and Length are fixed to concrete values, the positions of where Value begins and ends in a test input buffer would also be fixed.…”
Section: Symbolic Execution With Meta-level Searchmentioning
confidence: 99%
“…Hence, one can generate a few concrete inputs, and manually mark Value bytes of interests as symbolic to obtain meaningful concolic test cases. In fact, just a handful of such manually produced test cases managed to uncover a variety of verification problems [15].…”
Section: Symbolic Execution With Meta-level Searchmentioning
confidence: 99%
See 3 more Smart Citations