The presentation will cover details of a bug (CVE-2015-2141) I found in the Rabin-Williams (RW) digital signature system implementation in the well-known Crypto++ (http://cryptopp.com) framework. The bug is a misuse of the "blinding" technique, which should prevent timing attacks but instead makes it possible to recover a private key from only two signatures of one message.
Evgeny Sidorov is an Information Security Officer at the major Russian search engine company Yandex. Evgeny works in the Product Security Team and is responsible for developing and embedding various defense techniques in web and mobile applications. He completed his Master's degree in applied mathematics at the Institute of Cryptography, Telecommunications and Computer Science of Moscow.