Two Bitcoin related talks will be presented tomorrow. Bitcoin is a decentralized digital currency, and of course uses various cryptographic schemes as building blocks. Because Bitcoins can be exchanged with real money, Bitcoin is more than just an academic playground and real cash could be lost, if an attack on Bitcoin would be found.

The first talk Bitcoin – An Analysis will be presented by Kay Hamacher and Stefan Katzenbeisser. From the abstract:

In this presentation, we show results on network analysis of the money flow, the behavior of individuals, and the overall scalability of …

Side channel attacks are very well known in cryptography. In a nutshell, a side channel information (not the ciphertext or the public key) is used to recover a secret. This can be the time it takes for a cryptographic operation, the power consumption of a device, the variations in the electromagnetic field surrounding a device or just the acoustic noise produced by a device. Secure implementations of cryptographic schemes usually implement countermeasures against these kind of attacks.

In contrast to the cryptography world, side channel attacks are not very well known in the general IT …

Alexander Koch will be presenting the results of his bachelor thesis at 28C3. In his thesis, he implemented a person-in-the-middle-attack (don’t call it man-in-the-middle attack) against a USB chipcard reader for digital signatures. Instead of modifying  the software on the users PC, he implemented a USB hardware device, that can be plugged in between the chip card reader and the host PC. Because the device behaves passively as long as no signature is made, it is hard to detect from any kind of security software from the PC side. When a signature is made, the device can transmit a different …

Julian Wälde and Alexander Klink will be presenting a new attack against Web Application Frameworks (WAF), that can be used to generate HTTP requests, that take several minutes of CPU time to process. Sending many of these requests in parallel can be used as an effective Denial of Service attack against many websites. Even one cannot spot any relation to cryptography from the abstract, I have been informed that this talk will also cover many cryptography related aspects.

See the talk, Day 2, 14:00, Saal 1

Author: Erik Tews

A group of enthusiast interpreters at the congress are organizing simultaneous translation into English for a small selection of German talks. We are aiming for the “fun” events that have been translated for a few years, and for the first time this year, we are trying our hand at some “content” talks as well.

The provisional list of translated events is:

• “Hacker Jeopardy – number guessing for geeks“, Day 2, Midnight – This will be on DECT, streamed to “Saal 3” on the Internet and archived.
• “Data fairy or fair game – what is the value of tracking data?”, Day 3, 18:30 – An overview about web …

We, Sebastian and Julian, are part of last year’s core team of live interpreters. In the past we have translated at several Chaos Communication Congresses, together with Volty who cannot be there this year and many others.
We want to continue this tradition of translating important talks such as the Fnord News Show and the Hacker Jeopardy, but also others, depending on our resources.
If you are interested in helping out, please meet us on Day 1, December 27th, at 21:00 in the angel area down in the basement. You may also contact us via e-mail at Sebastian.Lisken _at_ gmx.net or julian _at_ …

The first cryptography related talk at 28C3 is about data mining in encrypted data. One may assume, that encrypting your data with a good encryption scheme prevents other people from learning about it. However, this is not true, specially for network protocols, that often leak information, like who is communicating with who, and when how much data is transferred. An attacker can use these information to make assumptions about the content of the transmission.

From the abstract: Voice over IP (VoIP) has experienced a tremendous growth over the last few years and is now widely used among the …

Heads up everyone, voicebarf is up and running! Voicebarf provides you with the latest information about the 28c3 schedule. Even when the internet is down. Use your DECT or GSM compatible phone to dial the number 7666 (SOON), and voicebarf will tell you which talks are up next. You can even request a reminder, and voicebarf will call you back fifteen minutes before your favourite talk starts. Dial 8255 (TALK) to get the currently running talks. Dial TALK (8255) when a talk is just finished to rate that talk. Talk ratings’ importance for the content team can not be overestimated. The content …

Es ist eine tolle Idee seine Kinder auf den 28c3 mitzubringen. Nicht nur, dass sie kostenfreien Eintritt haben, wenn sie elf oder jünger sind. Sondern auch das Chaos macht Schule-Projekt bietet vier Stände an, die sich speziell um die Junghacker kümmern werden.

Ein Stand wird sich speziell um sichere Kommunikation in Computernetzwerken kümmern und für alle kniffligen Fragen um das Thema Antworten parat halten.

Die anderen Stände bieten Basteltrainings um dem Nachwuchs zu helfen, auf den Grund der technischen Spielereien zu gelangen: Von Miniroboter, über elektronischem Haustier, bis zur …

When packing for 28C3, don’t forget to bring your r0ket! (and a micro-USB cable!)

Among other things there will be a multiplayer tetris game on an LED wall you can play with your r0ket and new m0duls to boost your r0ket into new heights.

To access all new features of your r0ket have a look at http://r0ket.badge.events.ccc.de/init

The update contains an improved mesh network, l0dables for interactive installations and support for the next flame generation.

Good news for those who didn’t get one on camp – or want more: Team r0ket will be selling new, slightly improved r0kets for 30 Euros and RGB …

Since we forgot to mention it in the first place: Yes, we do have a 28c3-friends request address for people who can’t afford to pay the full ticket price. We’ve added information to http://events.ccc.de/congress/2011/wiki/Tickets:

If you or someone you know can’t afford to pay the full price for a ticket, send a mail to 28c3-friends@cccv.de. Please tell us, why this person can’t pay the full price and why he or she should take part in 28C3 nevertheless. Usually we agree on some affordable price. But please keep in mind that tickets are already very cheap and that we can handle only a limited …

Die Deutsche Bahn für den Congress ein begrenztes Kontingent an verbilligten Fahrkarten zur Verfügung gestellt, welche von euch günstig erworben werden können. Der Preis ist dabei im Vergleich zum letzten Jahr sogar um 10 Euro gesunken.

Im Gegensatz zu letztem Jahr und zum Camp gibt es nicht nur zwei, sondern vier Fahrkartentypen: zuggebundene Fahrkarten (bei der Buchung muss sich für einen Zug entschieden werden) und zugungebundene Fahrkarten (Einsteigen, losfahren), das Ganze jeweils in der ersten oder zweiten Klasse, online und telefonisch buchbar.

Online:

• 2. Klasse, zuggebunden: 89,00 Euro …