Category: keys

Auto Added by WPeMatico

Improvements in Brute Force Attacks

Posted on By infossl
academic papers, cryptanalysis, keys, Security technology, Uncategorized

New paper: “GPU Assisted Brute Force Cryptanalysis of GPRS, GSM, RFID, and TETRA: Brute Force Cryptanalysis of KASUMI, SPECK, and TEA3.” Abstract: Key lengths in symmetric cryptography are determined with respect to the brute force attacks with current technology. While nowadays at least 128-bit keys are recommended, there are many standards and real-world applications that … Read More “Improvements in Brute Force Attacks” »

Compromising the Secure Boot Process

Posted on By infossl
cryptography, encryption, keys, passwords, Security technology, supply chain, Uncategorized, vulnerabilities

This isn’t good: On Thursday, researchers from security firm Binarly revealed that Secure Boot is completely compromised on more than 200 device models sold by Acer, Dell, Gigabyte, Intel, and Supermicro. The cause: a cryptographic key underpinning Secure Boot on those models that was compromised in 2022. In a public GitHub repository committed in December … Read More “Compromising the Secure Boot Process” »

Recovering Public Keys from Signatures

Posted on By infossl
anonymity, cryptanalysis, keys, Security technology, signatures, Uncategorized

Interesting summary of various ways to derive the public key from digitally signed files. Normally, with a signature scheme, you have the public key and want to know whether a given signature is valid. But what if we instead have a message and a signature, assume the signature is valid, and want to know which … Read More “Recovering Public Keys from Signatures” »

Microsoft Signing Key Stolen by Chinese

Posted on By infossl
authentication, backdoors, china, cybersecurity, hacking, keys, microsoft, Security technology, Uncategorized

A bunch of networks, including US Government networks, have been hacked by the Chinese. The hackers used forged authentication tokens to access user email, using a stolen Microsoft Azure account consumer signing key. Congress wants answers. The phrase “negligent security practices” is being tossed about—and with good reason. Master signing keys are not supposed to … Read More “Microsoft Signing Key Stolen by Chinese” »

Leaked Signing Keys Are Being Used to Sign Malware

Posted on By infossl
android, keys, leaks, malware, Security technology, Uncategorized

A bunch of Android OEM signing keys have been leaked or stolen, and they are actively being used to sign malware. Łukasz Siewierski, a member of Google’s Android Security Team, has a post on the Android Partner Vulnerability Initiative (AVPI) issue tracker detailing leaked platform certificate keys that are actively being used to sign malware. … Read More “Leaked Signing Keys Are Being Used to Sign Malware” »

Hacking Automobile Keyless Entry Systems

Posted on By infossl
cars, hacking, keys, law enforcement, Security technology, theft, Uncategorized

Suspected members of a European car-theft ring have been arrested: The criminals targeted vehicles with keyless entry and start systems, exploiting the technology to get into the car and drive away. As a result of a coordinated action carried out on 10 October in the three countries involved, 31 suspects were arrested. A total of … Read More “Hacking Automobile Keyless Entry Systems” »

Relay Attack against Teslas

Posted on By infossl
cars, hacking, keys, Security technology, Uncategorized, vulnerabilities

Nice work: Radio relay attacks are technically complicated to execute, but conceptually easy to understand: attackers simply extend the range of your existing key using what is essentially a high-tech walkie-talkie. One thief stands near you while you’re in the grocery store, intercepting your key’s transmitted signal with a radio transceiver. Another stands near your … Read More “Relay Attack against Teslas” »