Archive for the ‘27C3’ Category

Crypto Talk at 27C3: Automatic Identification of Cryptographic Primitives in Software, Day1, 16:00, Saal 3

Monday, December 27th, 2010

FingerprintMany applications, including closed source applications like malware or DRM-enabled multimedia players (you might consider them as malware too) use cryptography. When analyzing these applications, a first step is the identification and localization of the cryptographic building blocks (cryptographic primitives, for example AES, DES, RSA…) in the applications. When these blocks have been localized, the input and output of the cryptographic primitives and the key management can be observed and the application can be analyzed further. Fortunately, many cryptographic algorithms use special constants or have a typical fingerprint  and there are only a few different public implementations of the algorithm. This allows us to automate this first, Felix Gröbert will show us how:

Using dynamic binary instrumentation, we record instructions of a program during runtime and create a fine-grained trace. We implement a trace analysis tool, which also provides methods to reconstruct high-level information from a trace, for example control flow graphs or loops, to detect cryptographic algorithms and their parameters.

Trace driven/dynamic analysis has some advantages of static analysis:

  • Because the program is analyzed at runtime, it is immediately known which parts of the code are used at which time, so that they might be correlated with runtime decryption of the code or with network communication.
  • Inputs and outputs of the primitives as well as the keys are recorded, even if the originate from a remote server or botnet. This allows us to immediately distinguish between long term keys and session keys, if multiple executions of the same program can be recorded.
  • This is also highly interesting if private keys are included in an obfuscated binary, for example private RSA keys.
  • Dead or unused code is automatically excluded, so that one can proceed with the main parts of the code first.
  • If additional code is loaded from a server, it is included in the analysis. This would be hard to impossible using static analysis.

AnalysisOf course, trace driven analysis has it disadvantages, for example if a malware needs to communicate with a command-and-control server, which has already been taken down or behaves differently on different systems or at different times.

Personally, I am interested in this talk because it might make ease up the analysis of closed source applications using cryptography. Even if the application, the DRM scheme, or the cryptographic primitive has no special weaknesses or bugs, just he recording of every input and output of all cryptographic building blocks in the application might be sufficient to extract a DRM free version of DRM protected digital content. Please also note that even if an application uses only well analyzed cryptographic primitives as AES and RSA, it might still be insecure, if these primitives are used in the wrong way.

See the talk at Day 1, 16:00, Saal 3!

Author: Erik Tews

Day 0 Dinner Meetup!

Sunday, December 26th, 2010

Who: You! And lots of Hackers in Berlin!
What: Day 0 Dinner Meetup
When: Today! (26 Dec.) 6pm-11pm (18-23h)
Where: Vapiano Berlin 3 — Mittelstrasse 51, 10117 Berlin
Why: Interesting conversation, good food and great people!
How: Register Here! (Registration requested, not required)

Following the success of last year’s meetup, we’ve arranged another relaxing dinner to celebrate the start of the 27c3 and the other events happening in Berlin between Christmas and New Year’s.  Whatever your plans for the 27th on, stop by tonight for some nice food and great company! Vapiano has dishes for all budgets and dietary restrictions and we’ll have a spot to ourselves at the venue.

For more information, see the Side Events Wiki Page or call +49-179-3966141

Travel Information by 27C3

Saturday, December 25th, 2010

If you try to get to the congress but get stuck in traffic, don’t know the status of the road in front of you or sit a platform caused by an annulated train, you can call us beginning from Sunday 10am. We set up a number where we will help you to find a possibility to get to the congress or just answer questions about your trip. This is quite handy for situations when you don’t have internet access or if every other hotline is overcrowded.

Travel Information: +49 30 809 400 22 2324

Have a safe journey. Slow down the speed if the road forces you to do so. Keep in mind: this year you don’t have to hurry for your ticket.

Change of Plan — Video Streams For Peace Missions

Saturday, December 25th, 2010

In one of our last posts we’ve invited all peace missions to register their IP addresses by mail. Registered IP addresses will be granted access to a dedicated video streaming relay.

We’ve received mails from lots of people, who’d like to set up a peace mission and gave us their IP address. So far, so good – it’s cool to see so much interest. Unfortunately, now you’ve invested time for sending us an email, we do change the registration procedure.

There will be a web site, where peace missions can register. After we’ve acknowledged a registration you may add or change your IP address on the white list.

Those of you, who already sent us an email, please re-register again by using that web interface.

We don’t know the URL yet, but we’ll post it as soon as we know it here and on the Peace Missions page in the wiki.

Update:
Please register your Peace Mission at 27c3 Peacekeeper to get guaranteed Bandwidth!

The fairydust has landed at the 27c3

Friday, December 24th, 2010

212833331

We wish you a very merry festival of fixing the WiFi at your family’s home!

Over the past few days, the 27c3 team has been hard at work with the initial preparations for the 27c3.  At the bcc, several tons of networking hardware have arrived, the network backbone is up and running and the hackcenter decor is taking shape.  In far away lands, many new Peace Missions have been announced and there’s always room for more.

Peaceful journeys!  We’ll see you on the 27th!

Bring Your DVB-T receivers

Thursday, December 23rd, 2010

Beim 27C3 werden alle Vorträge live und in Farbe im und um das bcc via DVB-T ausgestrahlt. Den Besuchern des 27C3 ist es damit möglich, Vorträge auch von außerhalb zu folgen und damit die überfüllten Vortragssäle zu vermeiden.

Zum Empfang eignet sich jeder PC oder Laptop mit DVB-T-Stick, Fernseher mit DVB-T-Tuner, Handy mit DVB-T-Funktion, etc. Im Wiki werden wir evtl. notwendige Konfigurationsdateien hinterlegen und eine Liste mit gut und weniger gut funktionierenden Empfängern pflegen.

Die Bundesnetzagentur hat uns Kanal 22 (482MHz) zugeteilt, auf dem wir mit 6 Watt ERP senden werden.

Zuletzt gab es DVB-T beim 24C3, wobei es damals an manchen Stellen im Gebäude zu Empfangsproblemen durch Abschattungen kam. Dem Problem begegnen wir heuer mit deutlich gesteigerter Sendeleistung und geschickterer Platzierung der Sende-Antenne sowie einem neuen, verbesserten Modulator.

Details gibts im Wiki unter http://events.ccc.de/congress/2010/wiki/DVB-T

—-

At 27C3 all lectures will be broadcast via DVB-T and reception will be possible in and around the bcc. Visitors can watch via TV if they want avoid overcrowded lecture rooms.

To receive the signal any PC with DVB-T-USB-Stick, TV set with DVB-T tuner or cellphone with DVB-T-function will work. We will publish all needed configuration files and a list of working and non-working receivers in the wiki.

The Bundesnetzagentur (German regulation body) has allocated channel 22 (482MHz) for us, where we will transmit with 6 watts ERP.

The last time DVB-T was available on Chaos Congress was at 24C3 where in some areas the signal was to much attenuated to be received properly. This year we come up against this with more transmission power, better
placement of the transmitter antenna and a new, better modulator.

Details are available at http://events.ccc.de/congress/2010/wiki/DVB-T

Tickets nun in den Accounts verfügbar // downloadable tickets are available in your presale-account

Friday, December 17th, 2010

Wie in alter Chaos-Tradition üblich, verschob sich die Bereitstellung der PDF-Tickets vom 13. auf den 17. Dezember. Doch – wie immer – aufgeschoben ist nicht aufgehoben, sodaß die Tickets nun in den Accounts zum Download bereitstehen.

Bitte druckt die Tickets aus und zeigt sie an der Kasse vor.

Auf den Tickets sind alle quittungsrelevanten Daten aufgedruckt, sodass Ihr keine zusätzliche Rechnung oder Kassenbon benötigt.

Viel Spaß auf dem Kongress! :)

—-

downloadable tickets are available in your presale-account. NOW.

As you already may have noticed, the availability of your tickets has been delayed.. ahem.. just a little bit. But here’s the good news:

Your 27C3-tickets are available for download now!
Please log in to https://presale.events.ccc.de , download the pdf, print it out, and make sure to bring it with you to the cash desk.

We wish you a lot of fun at the 27C3!

24 Hour Hardware Hacking Returns to 27c3

Thursday, December 16th, 2010

Hackers of all ages can (learn how to) make things at the Hardware Hacking Area of the 27c3!

The HHA is open to everyone and open the entire congress! Hackers of all ages and skill levels are welcome! Round-the-clock hands on workshops will be led by lots of experienced teachers like Mitch Altman, Jimmie P. Rodgers, fbz, Wim Vandeputte and…you!

Learn to solder, then help teach others! Make cool things with electronics, design and print 3D models on the Makerbot, break RFID, or give your own workshop on the projects you’ve been hacking on this year. Last year there was a Cantenna workshop, a Mikrocopter workshop, and a GSM workshop among many others.

Lots of kits for you to make will be available including Brain Machines, TV-B-Gones, Trippy RGB Waves, Mignonette Games, LEDcubes, LOL shields, Atari Punk Consoles…and there’s always room for yours!

To accommodate all this hardware hacking goodness, the HHA will be twice the size it was during the 26c3, but still conveniently located near the Hackcenter.

Even if you don’t have a ticket to Congress, you can stop by the HHA with a Night Pass good from Midnight to 6 AM. Night passes are only €5 and will be sold shortly before midnight each day of the 27c3.

Have you set up your Peace Mission yet?

Wednesday, December 15th, 2010

Banksy Dove for 27c3

We want you to come together in Peace Missions all over the world!

Following the success of the dragons everywhere experiment from the 26c3, hackers all over the world are organizing events to bring the 27c3 closer to home. They’re gathering to create their own Hack Center experience, watch the streams, participate via twitter or chats, drink Tschunk, cook and have a good time.

Following your suggestions from last year, the Herald Angels are hard at work exploring ways you can participate live in the events! Heralds will be in #behindenemylines on Freenode during selected talks to help you ask questions and participate in events from the streams in your Peace Mission.

If you have other cool ideas how to make the distributed 27C3 the coolest congress ever, just comment on what you can bring, what you’d like to see and what you need from 27C3 Berlin orga. See the Google map and add your location to it!

Register your IP addresses

There will be no VPN this year, instead the external streaming relays will offer guaranteed bandwidth for streaming to registered IP addresses.

Therefore, please send your static IP to: 27c3-peacemissions at cccv dot de

Source image of the Banksy Bethlehem Peace Dove by Luxerta , remixed under the Creative Commons Attribution-ShareAlike 2.0 Generic license.