Speaker: Jasper van Woudenberg
Title: Side channel analysis and fault injection or: how physical access can still imply security
Hardware attacks, once a niche field restricted to military and early smartcard security researchers, are becoming more relevant with the explosion of embedded devices that surround us. On the technical side, this talk will introduce side channel and fault injection techniques, and how these affect the security of any device "out in the field"; and what software and hardware devs can do to mitigate these attacks. On the grand-scheme-of-things, this talk will put these attacks in context of the future of (embedded/IoT) security.
Speaker: Jordan Mecom
Title: Secure distribution and management of on-device keys
Key distribution and management is a critical component of secure hardware design. Failing to ensure the security and integrity of on-device keys can break an otherwise well-constructed security system. This talk will cover on-device key distribution and management, with a focus on how to provision key material at manufacturing time.
Speaker: Dmitry Nedospasov
Title: FPGAs for Hardware Security
Hardware implementations have long been out of reach for many security researchers, yet we are surrounded by an increasing number of smart devices. The software stacks continue to improve and every update to the firmware results in improved device security. However, devices remain susceptible to low level attacks on internal buses like spoofing or corrupting data. This talk will cover the wide range of security applications of FPGAs. From emulating proprietary protocols to directly interfacing to buses carrying sensitive data to accelerating and securing proprietary designs in data-centers for critical applications.
Speaker: Andres Krogh
Title: Adventures in Hackable Badges
Last month at SIGNAL 2017, each attendee received a device called "Hackpack" - a programmable attendee badge with cellular connectivity, a grid of blinking lights, and a mysterious NES-style cartridge connector. In the talk we'll explore the bright side of brute-forcing - the art & creativity that occurs when you equip hundreds of developers with a microprocessor, loose guidance, and an open serial port -- with a few intentional loopholes -- that drives the display of a very large LED wall.