October 7-9, 2025
OUR MISSION
“We believe everyone should have access to security and privacy tools, whoever they are, wherever they are or whatever their personal beliefs are, as a fundamental human right.”


The Road from Academic Research to OpenSSL Contributions

In this talk, I will discuss my OpenSSL contributions. My first contribution involves a potentially vulnerable code pattern that is the root cause of CVE-2022-37454, a buffer overflow vulnerability in the "official" SHA-3 implementation (Mouha and Celi, CT-RSA 2023). Jaroslav Lobačevski of GitHub Security Lab found the same pattern in OpenSSL, specifically in its HKDF implementation. (HKDF, which stands for HMAC-based Key Derivation Function, is used in TLS 1.3, the protocol that keeps your browser connection secure.) My second contribution is related to OpenSSL issue #13210 ("Incorrect usage of the HMAC APIs"), which discusses an attack when HMAC_Update() is invoked after HMAC_Final() (Benmocha et al., SAC 2020). It surprised me that the attack is no longer possible since OpenSSL 3.2.0 due to a change in the HMAC API, and I proposed adding a regression test to document the new API behavior.

Date: 08.10.2025
Time: 11:00
Location: Prague
Track: Technical Deep Dive & Innovation