28C3: Behind enemy lines (2011) on CCC Event Blog

Recordings of 28C3 talks available

Sat, 31 Dec 2011 13:59:22 +0000

The 28th Chaos Communication Congress ended yesterday and most of the talks are already available for download.

http://events.ccc.de/congress/2011/wiki/Documentation

Credit goes to the FEM, who did a really tremendous job streaming the talks during the conference and who still continue their hard work by publishing the Official Releases of the last talks.

Did you really love certain events? Weren’t so excited about others? Let us know! You can leave feedback via the Fahrplan. Find the events you’d like to leave your thoughts on and click on the green “Give Feedback” link in the lower right hand corner. We use this information to plan future events, so your input is essential.

Many thanks again for a great Congress and we’ll see you at the Sigint 2012 in May or the next Chaos Communication Congress!

Crypto talk at 28C3: Sovereign Keys – A proposal for fixing attacks on CAs and DNSSEC, Day 3, 23:00, Saal 3

Thu, 29 Dec 2011 16:27:18 +0000

After many attacks on X.509 and the internet PKI infrastructure, it became clear, that the current state does not meet the requirements for the upcoming challenges for secure internet communication in the future. CAs have been completely compromised, and weak cryptography used by PKIs has been broken in practice to issue rouge certificates. So there is a need for an alternative how to establish a binding between your public key and your identity. The EFF will present their proposal to improve the security of SSL/TLS connections this evening at the congress.

See the talk, Day 3, 23:00, Saal 3.

Author: Erik Tews

“Neue Leichtigkeit”

Thu, 29 Dec 2011 13:59:13 +0000

Tonight the young Swiss music group “Europa” is bringing “new airiness” to the 28C3 in the form of a Gala. The main goal is to put in question the practice of the entertainment industry and alienate its conventions by overdriving them. It’s going to be an experiment you can become part of as spectators. Please watch the following teaser. [The teaser has been removed since the server hosting it was a temporary one located at 28c3. Check the vimeo link below or download the recording of the actual talk]

Video: http://vimeo.com/34302758
Link 28C3 Fahrplan: http://events.ccc.de/congress/2011/Fahrplan/events/4832.en.html
Link Official Website: http://neueleichtigkeit.eu/

Crypto talk at 28C3: TRESOR: Festplatten sicher verschlüsseln, Day 3, 14:30, Saal 2

Thu, 29 Dec 2011 12:02:08 +0000

Some of you may remember the Cold Boot Attack. It’s a general method, how almost all disk encryption schemes on PCs and Laptop can be circumvented.

Usually, when a harddisk or just a partition is encrypted, the encryption software used, needs to store the keys in memory, as long as the filesystem is mounted. Three years ago, it was shown that this key can be extracted, just by removing the RAM module, and dumping it’s content on a second PC using a custom software. Alternatively, the system can be booted from a CD or USB-stick with a custom software, that dumps the content of the RAM. As long as the RAM has only been off for a few seconds, or cold down to a low temperature, it doesn’t loose the stored data completely, and the encryption keys can be recovered from that dump.

Today, a solution for this problem will be presented, that prevents the attack by never storing the encryption key in RAM. Instead, CPU registers are used, and because the encryption code runs in kernel space, it can ensure, that they are never stored in RAM.

This sounds like a good solution to me, except that it only prevents the encryption key from leaking. Of course, the actual data, that is decrypted and that applications on that system work with, can still be found in RAM, but I have no idea how this can be fixed easily.

See the talk: Day 3, 14:30, Saal 2

Crypto talk at 28C3: Implementation of MITM Attack on HDCP-Secured Links, Day 3, 18:30, Saal 1

Thu, 29 Dec 2011 00:43:29 +0000

On Day 3 of 28C3, an absolute crypto highlight will be presented. A Person-In-The-Middle (previously known as Man-In-The-Middle)attack against HDCP-secured links. For those who don’t know, HDCP is a protocol for digital video links like DVI, Display Port and HDMI, that encrypts the content between your PC or Blue-Ray player and your digital TV or display. HDCP was invented so that the encrypted high quality video, as you can find it on a Blue-Ray disc or HD-DVD will never be unencrypted in it’s digital form on the way to the display. If those systems would be secure, this could prevent pirated high quality rips of these videos on the internet.

However, such systems have been broken, for example Blue-Ray discs can be ripped with a standard PC using the right Blue-Ray drive and a commercial software. Even HDCP has been broken in practice so far. I don’t know how it append exactly, but the HDCP master key has been posted on a public website on the internet, which I won’t link here. Using this key, you would be theoretically able to decrypt a HDCP secured link, and record the raw digital signal transmitted there. The practical problems are, that DVI, HDMI and DisplayPort are very high speed links, and no general sniffers and universal transmitters are available for a low price. In contrast to that, WiFi can usually be sniffed using the build-in WLAN adapter in a consumers laptop.

In this talk, a custom build hardware will be presented, that can be used to act as a Person-In-The-Middle on DHCP secured links, and can alter the signal transmitted there. The actual brilliant idea here is, that this type of attack does not allow you do record the transmission in clear, so that this is a non-copyright circumventing attack, and cannot be prosecuted using copyright enforcement laws. However, due to the open nature of the hardware platform, one may modify this attack to archive other goals.

A short summary from the abstract:

A system has been described that enables a man-in-the-middle attack upon HDCP secured links. The attack enables the overlay of video upon existing streams; an example of an application of the attack is the overlay of a personalized twitter feed over video programs. The attack relies upon the HDCP master key and a snooping mechanism implemented using an FPGA. The implementation of the attack never decrypts previously encrypted video, and it is incapable of operating without an existing, valid HDCP link. It is thus an embodiment of a bona-fide, non-infringing and commercially useful application of the HDCP master key. This embodiment impairs the equating of the HDCP master key with copyright circumvention purposes.

The slides are already available at: http://events.ccc.de/congress/2011/Fahrplan/attachments/2011_HDCP_MITM_28c3_bunnie.pdf

See the talk: Day 3, 18:30, Saal 1

Author: Erik Tews

Crypto talk at 28C3: Bitcoin

Wed, 28 Dec 2011 23:51:43 +0000

Two Bitcoin related talks will be presented tomorrow. Bitcoin is a decentralized digital currency, and of course uses various cryptographic schemes as building blocks. Because Bitcoins can be exchanged with real money, Bitcoin is more than just an academic playground and real cash could be lost, if an attack on Bitcoin would be found.

The first talk Bitcoin – An Analysis will be presented by Kay Hamacher and Stefan Katzenbeisser. From the abstract:

In this presentation, we show results on network analysis of the money flow, the behavior of individuals, and the overall scalability of P2P-currencies. At the same time we will discuss advanced “financial instruments” that one might find in the transactions.

So I assume that this will be an in-depth analysis of the current state of the Bitcoin network. The second talk Electronic money: The road to Bitcoin and a glimpse forward – How the e-money systems can be made better given by peio will cover the general topic of digital money and what lead to the development of Bitcoin. It will even look beyond Bitcoin and what can be improved in the future. From the abstract:

The proposed talk provides a definition of the problem of creating e-money and after a review of the state of the art points out possible solutions and proposes questions for discussion for the properties of electronic money system.

For me, both talks are interesting. Besides the cryptographic challenges in this research area, this topic also has an heavy political impact. What would you do, if you could exchange money over the internet, untraceable and anonymously?

See the talks, Day 3, 14:00 Saal 1, and Day 3, 17:15, Saal 3.

Crypto talk at 28C3: Time is on my Side – Exploiting Timing Side Channel Vulnerabilities on the Web, Day 2, 18:30, Saal 2

Wed, 28 Dec 2011 00:48:51 +0000

Side channel attacks are very well known in cryptography. In a nutshell, a side channel information (not the ciphertext or the public key) is used to recover a secret. This can be the time it takes for a cryptographic operation, the power consumption of a device, the variations in the electromagnetic field surrounding a device or just the acoustic noise produced by a device. Secure implementations of cryptographic schemes usually implement countermeasures against these kind of attacks.

In contrast to the cryptography world, side channel attacks are not very well known in the general IT security business. However, side channel attacks can also be used against applications, that don’t use cryptography, but process any kind of secret data. Examples could be the size of a database, the privileges of a user, or just the length of a stored password. Sebastian Schinzel will present his analysis, as well as general attack techniques, than can be used to exploit side channel weaknesses on the web.

I think this talk is important, because it raises the general awareness of side channel attacks to the general IT security community. Side channel attacks are not solely restricted to cryptographic algorithms, and can be used as an effective attack against many more applications.

See the talk, Day 2, 18:30, Saal 2

Author: Erik Tews

Crypto Talk at 28C3: Ein Mittelsmannangriff auf ein digitales Signiergerät, Day 2, 18:30, Saal 3

Wed, 28 Dec 2011 00:14:53 +0000

Alexander Koch will be presenting the results of his bachelor thesis at 28C3. In his thesis, he implemented a person-in-the-middle-attack (don’t call it man-in-the-middle attack) against a USB chipcard reader for digital signatures. Instead of modifying the software on the users PC, he implemented a USB hardware device, that can be plugged in between the chip card reader and the host PC. Because the device behaves passively as long as no signature is made, it is hard to detect from any kind of security software from the PC side. When a signature is made, the device can transmit a different message digest (another document is signed) to the chipcard reader. The generated signature is stored and can later be retrieved from the attacker using a wireless link.

I think this is a good demonstration that shows, why digital signature made on (secure) devices, that cannot display the signed document are not a good idea. Also, a hardware device is hard to detect in software, because it acts like a valid chip card reader to the PC.

See the talk, Day 2, 18:30, Saal 3

Author: Erik Tews

Crypto Talk at 28C3: Effective Denial of Service attacks against web application platforms, Day 2, 14:00, Saal 1

Tue, 27 Dec 2011 23:49:34 +0000

Julian Wälde and Alexander Klink will be presenting a new attack against Web Application Frameworks (WAF), that can be used to generate HTTP requests, that take several minutes of CPU time to process. Sending many of these requests in parallel can be used as an effective Denial of Service attack against many websites. Even one cannot spot any relation to cryptography from the abstract, I have been informed that this talk will also cover many cryptography related aspects.

See the talk, Day 2, 14:00, Saal 1

Author: Erik Tews

Live translation into English at 28C3

Tue, 27 Dec 2011 21:32:01 +0000

A group of enthusiast interpreters at the congress are organizing simultaneous translation into English for a small selection of German talks. We are aiming for the “fun” events that have been translated for a few years, and for the first time this year, we are trying our hand at some “content” talks as well.

The provisional list of translated events is:

“Hacker Jeopardy – number guessing for geeks“, Day 2, Midnight – This will be on DECT, streamed to “Saal 3” on the Internet and archived.
“Data fairy or fair game – what is the value of tracking data?”, Day 3, 18:30 – An overview about web tracking technologies and detailed discussion of the value that these interaction data actually have for the involved players. – On DECT, streamed to “Saal 3” on the Internet and archived.
“Fnord review for 2011“, Day 3, 23:00 – On DECT, streamed to “Saal 2”, to the Internet and archived.
“Security nightmares“, Day 4, 17:15 – TBA

Be sure to tell your English speaking friends to check out some really great content they might not otherwise have access to!

Call for live interpreters at 28C3

Tue, 27 Dec 2011 18:51:03 +0000

We, Sebastian and Julian, are part of last year’s core team of live interpreters. In the past we have translated at several Chaos Communication Congresses, together with Volty who cannot be there this year and many others.
We want to continue this tradition of translating important talks such as the Fnord News Show and the Hacker Jeopardy, but also others, depending on our resources.
If you are interested in helping out, please meet us on Day 1, December 27th, at 21:00 in the angel area down in the basement. You may also contact us via e-mail at Sebastian.Lisken _at_ gmx.net or julian _at_ phinn.de – or via twitter at @hdsjulian.

The talks we want to interpret are:
http://events.ccc.de/congress/2011/Fahrplan/events/4844.en.html
http://events.ccc.de/congress/2011/Fahrplan/events/4788.en.html
http://events.ccc.de/congress/2011/Fahrplan/events/4775.en.html
http://events.ccc.de/congress/2011/Fahrplan/events/4866.en.html
http://events.ccc.de/congress/2011/Fahrplan/events/4898.en.html

Now, as we have gathered some experience in the past few years, we would like to intensify our efforts and get even more important German talks to be translated even better.
Therefore we need help from fellow hackers. Please note that the following rules might sound a little strict for a voluntary job. However, experiences from the last years have shown that this work can only be done if there is absolutely no personal vanity involved and everybody is willing to submit to a strong hierarchy in order to do a good job. Nobody wants to get bored with a bad translation and we are truly willing to give our best. Also the work in the interpretation booth can be very, very stressful at times.
We want to provide all congress attendees (and people watching the stream) the best possible translation. In order to do this we are willing to work hard and submit ourself to a strict set of rules. We expect the same from everybody who wants to help us.

You are:
– Excellent in speaking English and German
– Or excellent in understanding English and German, with a talent for keeping your head up in stressful situations
– Willing to submit to a strong set of rules
– Possibly experienced with translations

Jobs to be done:

Interpreter

We need some good translators willing to spend part of their time at the Congress in the speaker’s cabin. You will sit together with two other translators and do your best interpreting talks live in several minute long segments as told to you by the director.

Director

We also need some very few “Directors”. In the past we have noticed that we get into the best flow if we have a person listening to our translations and deciding on the fly who should do the talking. This director will have to have a good understanding of the work the interpreters are doing. They will decide autonomously when to choose which interpreter for how long. Their job is to get a good flow into the translation and prevent exhaustion and lack of concentration among the interpreters.

The director can be an interpreter as well. When they choose to act as interpreter, the director will put a replacement director in charge for the duration of that segment.

Rules:

Please do not feel insulted by the strictness of these rules. We have had issues in the past with the vanity of individuals who didn’t do a good job but insisted to continue interpreting. We want to prevent this.

During the talk, the core team’s word is law.
The core team at first consists of Sebastian and Julian. We will be eager to invite more people as we move along. We strongly believe in a trust and merit based system.
There will be no discussions in the interpretation booth. Period.
Disputes will be solved outside and _after_ the talks.
We do understand that interpreting is a skill to be learned through practice. We will not send away newbies. We will however make sure their talking time is limited until they feel secure and able to do more segments.
After the talk we will have a discussion with all participants. There will be open criticism and everybody will have the right to speak their mind. This includes criticising the core team (who will also be interpreting and directing, of course) as well as the other directors and interpreters for their work as well as their behaviour. Of course this round is also open for positive criticism and finding out what was good.

Crypto Talk at 28C3: Datamining for Hackers – Encrypted Traffic Mining, Day 1, 14:00, Saal 1

Tue, 27 Dec 2011 00:23:34 +0000

The first cryptography related talk at 28C3 is about data mining in encrypted data. One may assume, that encrypting your data with a good encryption scheme prevents other people from learning about it. However, this is not true, specially for network protocols, that often leak information, like who is communicating with who, and when how much data is transferred. An attacker can use these information to make assumptions about the content of the transmission.

From the abstract: Voice over IP (VoIP) has experienced a tremendous growth over the last few years and is now widely used among the population and for business purposes. The security of such VoIP systems is often assumed, creating a false sense of privacy. Stefan will present research into leakage of information from Skype, a widely used and protected VoIP application. Experiments have shown that isolated phonemes can be classified and given sentences identified. By using the dynamic time warping (DTW) algorithm, frequently used in speech processing, an accuracy of 60% can be reached. The results can be further improved by choosing specific training data and reach an accuracy of 83% under specific conditions.

I think this talk is interesting, because it can show you how much information can even be gathered from an encrypted data stream, just using some side information from the communication.

See the talk: Day 1, 14:00, Saal 1

Author: Erik Tews

Dial 7666 for upcoming 28c3 talks

Mon, 26 Dec 2011 19:34:38 +0000

Heads up everyone, voicebarf is up and running! Voicebarf provides you with the latest information about the 28c3 schedule. Even when the internet is down. Use your DECT or GSM compatible phone to dial the number 7666 (SOON), and voicebarf will tell you which talks are up next. You can even request a reminder, and voicebarf will call you back fifteen minutes before your favourite talk starts. Dial 8255 (TALK) to get the currently running talks. Dial TALK (8255) when a talk is just finished to rate that talk. Talk ratings’ importance for the content team can not be overestimated. The content team relies on your feedback to make the next year’s schedule even better. So do not hesitate to rate the talks you saw – be it live in the lecture hall or via stream, or afterwards on the recording. If you do not have your laptop at your fingertips – use Voicebarf, dial TALK (8255).

If you do not know about the Phone Operation Center (POC), check out their website (click here).

Why the name «voicebarf»? Because of pentabarf, the ccc conference planning software. Voicebarf was created by alech with a bit of help by hc. Since alech is busy with his talk this year, if you’ve got any questions about voicebarf, you may give hc a ring at 4321.

A small sidenote: The eventphone SIP stack is a bit instable ATM, so if you don’t get through at once, just try again ten seconds later!

28C3 – Bring your r0ket

Wed, 21 Dec 2011 22:15:50 +0000

When packing for 28C3, don’t forget to bring your r0ket! (and a micro-USB cable!)

Among other things there will be a multiplayer tetris game on an LED wall you can play with your r0ket and new m0duls to boost your r0ket into new heights.

To access all new features of your r0ket have a look at http://r0ket.badge.events.ccc.de/init

The update contains an improved mesh network, l0dables for interactive installations and support for the next flame generation.

Good news for those who didn’t get one on camp – or want more: Team r0ket will be selling new, slightly improved r0kets for 30 Euros and RGB flame m0dules for 10 Euros on 28C3.

They will also bring several USB missile launchers for a hardware hacking competition – the goal is to combine the missile launcher with your r0ket. If you are one of the first 100 people to publish a cool hack, you can keep the launcher for free!

For more information on the r0ket badge and current updates on where to get one during Congress see http://r0ket.badge.events.ccc.de

Details on the missile launcher competition: http://r0ket.badge.events.ccc.de/r0ketlauncher

Pictures of the new r0ket generation:

28C3 – Can’t Afford to Pay the Full Price?

Wed, 02 Nov 2011 23:49:20 +0000

Since we forgot to mention it in the first place: Yes, we do have a 28c3-friends request address for people who can’t afford to pay the full ticket price. We’ve added information to http://events.ccc.de/congress/2011/wiki/Tickets:

If you or someone you know can’t afford to pay the full price for a ticket, send a mail to 28c3-friends@cccv.de. Please tell us, why this person can’t pay the full price and why he or she should take part in 28C3 nevertheless. Usually we agree on some affordable price. But please keep in mind that tickets are already very cheap and that we can handle only a limited number of such requests. So, please think twice before sending us a mail to that address.

If you want to try your luck, you still need to get a ticket in the on-line ticket sales. Just choose any ticket type and tell us the user name. If we agree on some price, we’ll edit your order afterwards. If we don’t agree, you may just not pay within 2 weeks.