28C3: Behind enemy lines (2011)

#35C3 Memory Lane: Das erste Türchen

35c3-kalender 1

Das erste Türchen.

2011 war das letzte Jahr, in dem der Chaos Communication Congress im Berliner bcc gastierte. Passend zum damaligen Motto „Behind enemy lines“ kommentierte der Schriftsteller und Journalist Cory Doctorow in seinem Vortrag „The coming war on general computation“ vor vollem Haus die Copyright Wars.

35c3-kalender 1, doctorow

Cory Doctorow beim #28C3

Der in Toronto geborene Doctorow erklärt, wie in den 1990er Jahren durch Kopierschutz und Digital Restriction Management eine Bewegung angestoßen wurde, die mit Kanonen auf Spatzen schoss, uns nach und nach die Rechte über unsere Rechner entriss und sie in Unterhaltungs- und Haushaltsgeräte verwandelt, über die nicht mehr wir, sondern die Herstellerkonzerne die volle Kontrolle haben.

Der Vortrag ist heute noch so aktuell wie vor sieben Jahren, und Doctorow zuzuhören, ist ohnehin immer ein Erlebnis. In „Memory Lane“ Teil 1 legen wir Euch das Video seines Vortrags ans Herz, die heimliche Keynote des Jahres 2011 beim 28C3.

In Hinblick auf aktuelle Berichterstattung wie die Implant Files mutet das folgende Zitat fast prophetisch an:

As a member of the Walkman generation, I’ve made peace with the fact that I will require a hearing aid long before I die, and of course it won’t be a hearing aid, it will be a computer I put in my body. So when I get into a car – a computer I put my body into – with my hearing aid – a computer I put inside my body –, I want to know that these technologies are not designed to keep secrets from me and prevent me from terminating processes on them that work against my interests.

Was das mit katzenessenden Menschen und dreirädrigen Bankräubern zu tun hat, könnt ihr hier nachhören:

Das Video von Cory Doctorow ist in zwei Formaten verfügbar.

Recordings of 28C3 talks available

The 28th Chaos Communication Congress ended yesterday and most of the talks are already available for download.


Credit goes to the FEM, who did a really tremendous job streaming the talks during the conference and who still continue their hard work by publishing the Official Releases of the last talks.

Did you really love certain events? Weren’t so excited about others? Let us know! You can leave feedback via the Fahrplan. Find the events you’d like to leave your thoughts on and click on the green “Give Feedback” link in the lower right hand corner. We use this information to plan future events, so your input is essential.

Many thanks again for a great Congress and we’ll see you at the Sigint 2012 in May or the next Chaos Communication Congress!

Crypto talk at 28C3: Sovereign Keys – A proposal for fixing attacks on CAs and DNSSEC, Day 3, 23:00, Saal 3

After many attacks on X.509 and the internet PKI infrastructure, it became clear, that the current state does not meet the requirements for the upcoming challenges for secure internet communication in the future. CAs have been completely compromised, and weak cryptography used by PKIs has been broken in practice to issue rouge certificates. So there is a need for an alternative how to establish a binding between your public key and your identity. The EFF will present their proposal to improve the security of SSL/TLS connections this evening at the congress.

See the talk, Day 3, 23:00, Saal 3.

Author: Erik Tews

Crypto talk at 28C3: TRESOR: Festplatten sicher verschlüsseln, Day 3, 14:30, Saal 2

Some of you may remember the Cold Boot Attack. It’s a general method, how almost all disk encryption schemes on PCs and Laptop can be circumvented. Usually, when a harddisk or just a partition is encrypted, the encryption software used, needs to store the keys in memory, as long as the filesystem is mounted. Three years ago, it was shown that this key can be extracted, just by removing the RAM module, and dumping it’s content on a second PC using a custom software. Alternatively, the system can be booted from a CD or USB-stick with a custom software, that dumps the content of the RAM. As long as the RAM has only been off for a few seconds, or cold down to a low temperature, it doesn’t loose the stored data completely, and the encryption keys can be recovered from that dump.

Today, a solution  for this problem will be presented, that prevents the attack by never storing the encryption key in RAM. Instead, CPU registers are used, and because the encryption code runs in kernel space, it can ensure, that they are never stored in RAM.

This sounds like a good solution to me, except that it only prevents the encryption key from leaking. Of course, the actual data, that is decrypted and that applications on that system work with, can still be found in RAM, but I have no idea how this can be fixed easily.

See the talk: Day 3, 14:30, Saal 2

Crypto talk at 28C3: Bitcoin

Two Bitcoin related talks will be presented tomorrow. Bitcoin is a decentralized digital currency, and of course uses various cryptographic schemes as building blocks. Because Bitcoins can be exchanged with real money, Bitcoin is more than just an academic playground and real cash could be lost, if an attack on Bitcoin would be found.

The first talk Bitcoin – An Analysis will be presented by Kay Hamacher and Stefan Katzenbeisser. From the abstract:

In this presentation, we show results on network analysis of the money flow, the behavior of individuals, and the overall scalability of P2P-currencies. At the same time we will discuss advanced “financial instruments” that one might find in the transactions.

So I assume that this will be an in-depth analysis of the current state of the Bitcoin network. The second talk Electronic money: The road to Bitcoin and a glimpse forward – How the e-money systems can be made better given by peio will cover the general topic of digital money and what lead to the development of Bitcoin. It will even look beyond Bitcoin and what can be improved in the future. From the abstract:

The proposed talk provides a definition of the problem of creating e-money and after a review of the state of the art points out possible solutions and proposes questions for discussion for the properties of electronic money system.

For me, both talks are interesting. Besides the cryptographic challenges in this research area, this topic also has an heavy political impact. What would you do, if you could exchange money over the internet, untraceable and anonymously?

See the talks, Day 3, 14:00 Saal 1, and Day 3, 17:15, Saal 3.

Crypto talk at 28C3: Time is on my Side – Exploiting Timing Side Channel Vulnerabilities on the Web, Day 2, 18:30, Saal 2

Side channel attacks are very well known in cryptography. In a nutshell, a side channel information (not the ciphertext or the public key) is used to recover a secret. This can be the time it takes for a cryptographic operation, the power consumption of a device, the variations in the electromagnetic field surrounding a device or just the acoustic noise produced by a device. Secure implementations of cryptographic schemes usually implement countermeasures against these kind of attacks.

In contrast to the cryptography world, side channel attacks are not very well known in the general IT security business. However, side channel attacks can also be used against applications, that don’t use cryptography, but process any kind of secret data. Examples could be the size of a database, the privileges of a user, or just the length of a stored password. Sebastian Schinzel will present his analysis, as well as general attack techniques, than can be used to exploit side channel weaknesses on the web.

I think this talk is important, because it raises the general awareness of side channel attacks to the general IT security community. Side channel attacks are not solely restricted to cryptographic algorithms, and can be used as an effective attack against many more applications.

See the talk, Day 2, 18:30, Saal 2

Author: Erik Tews

Crypto Talk at 28C3: Ein Mittelsmannangriff auf ein digitales Signiergerät, Day 2, 18:30, Saal 3

Alexander Koch will be presenting the results of his bachelor thesis at 28C3. In his thesis, he implemented a person-in-the-middle-attack (don’t call it man-in-the-middle attack) against a USB chipcard reader for digital signatures. Instead of modifying  the software on the users PC, he implemented a USB hardware device, that can be plugged in between the chip card reader and the host PC. Because the device behaves passively as long as no signature is made, it is hard to detect from any kind of security software from the PC side. When a signature is made, the device can transmit a different message digest (another document is signed) to the chipcard reader. The generated signature is stored and can later be retrieved from the attacker using a wireless link.

I think this is a good demonstration that shows, why digital signature made on (secure) devices, that cannot display the signed document are not a good idea. Also, a hardware device is hard to detect in software, because it acts like a valid chip card reader to the PC.

See the talk, Day 2, 18:30, Saal 3

Author: Erik Tews