Milliways
Hashing Pico Berries
August 18, 2023
10:30 PM – 10:50 PM Add to calendar
10:30 PM – 10:50 PM Add to calendar
Milliways
Nachhaltige Kryptographische Sicherheit stellt insbesondere für stromsparende Hardware eine Reihe von Herausforderungen dar. Für Lösungen mit langer Einsatzzeit müssen heute auch die Sicherheit gegen Quantencomputer Berücksichtigung finden. Hashbasierte Signaturlösungen für den Raspberry Pi Pico ermöglichen beispielsweise Sensorlösungen, welche für Jahrzehnte kryptographische Sicherheit mit stromsparender, standardisierter und preisgünstiger Hardware ermöglichen. Wir präsentieren erste Prototypen aus einer laufenden Masterarbeit.
Ruediger Weis
Pierre Kurzer
Nachhaltige Kryptographische Sicherheit stellt insbesondere für stromsparende Hardware eine Reihe von Herausforderungen dar. Für Lösungen mit langer Einsatzzeit müssen heute auch die Sicherheit gegen Quantencomputer Berücksichtigung finden. Hashbasierte Signaturlösungen für den Raspberry Pi Pico ermöglichen beispielsweise Sensorlösungen, welche für Jahrzehnte kryptographische Sicherheit mit stromsparender, standardisierter und preisgünstiger Hardware ermöglichen. Wir präsentieren erste Prototypen aus einer laufenden Masterarbeit
.
# Techfoo
Raspberry Pi Pico W:
* RP2040 microcontroller chip
* Dual-core Arm Cortex M0+ processor, flexible clock running up to 133 MHz
* 264kB of SRAM, and 2MB of on-board flash memory
* Wireless (802.11n), single-band (2.4 GHz), WPA3
https://www.raspberrypi.com/documentation/microcontrollers/raspberry-pi-pico.html
Implementierung:
Grundlage: https://github.com/davidmcgrew/hash-sigs (David McGrew ist Mitverfasser des RFC8554)
Modifikation:
* Schlüssel-Cache auf on-board flash memory, Cache für Nodes des Hash Tree
* Nur LMS (LM-OTS Hash Tree), keine HSS (Hierarchical Signatures)
* Maximal können auf dem
Additional information
| Live Stream | https://streaming.media.ccc.de/camp2023/milliways |
|---|---|
| Type | Short Talk |
| Language | German |
More sessions
| 8/15/23 |
In this 2h workshop, I will teach you to work with the tiny components that modern electronic devices are made of. We will assemble an electronic kitten, that purrs when touched correctly, and hisses when touched wrong. It will work, and is guaranteed to remove your fear of hand-assembling surface mount designs.
|
| 8/15/23 |
The session proposes a quick overview of Frida, a dynamic instrumentation framework, and how it can be used to enhance our work during the runtime analysis of a mobile application. It will be a walkthrough on how hooking and rewriting functions in runtime may be helpful against anti-reverse engineering measures and SSL pinning mechanisms.
|
| 8/15/23 |
Hardware FIDO U2F tokens are security devices which are meant to defend user second factor keys from physical and remote attacks. In this presentation different security features and implemented by FIDO U2F tokens and how they are meant to protect a user from various attack scenarios. We will focus on the open source implementation of FIDO U2F token developed and Common Criteria certified by Federal Office for Information Security (BSI). Having access not only to the source code of the token ...
|
| 8/15/23 |
Come learn how to hack networks without needing to piss off your housemates, local coffee shop, or the Feds! Bring your laptop and by the end of this workshop, everyone can walk away having intercepted some packets and popped some reverse shells.
|
| 8/15/23 |
MITRE ATT&CK (Attack Framework among friends) is intimidating sight at first, but is a great tool for risk identification, threat analysis, red teaming, DFIR and security management. Brief introduction to the topic with various examples.
|
| 8/15/23 |
Solder your own pathlighter badge to illuminate your surroundings at night.
|
| 8/15/23 |
This talk will show you how many interfaces have to communicate in order to fly experiments on a sounding rocket. We will give you insights into the procedures and the complexity of a research campaign and the actual flight of the rocket itself. In particular, we look at the hardware and software used in the Ground Support Equipment (GSE) and the Service Module (SM) within the rocket.
|
