I hope to attend a CCC event some day. While there are many great talks in the 26c3 schedule, here are some talks that look particularly interesting.
- Reverse-Engineering DisplayLink devices: 12-bit LFSR and CRC12 make for kindergarten crypto. Hilarity ensues.
- Exposing Crypto Bugs through reverse engineering: numerous encrypted storage products implement creative crypto flaws. Really, how else can you come up with ideas such as supplying a checksum of the secret key or dumping the last three password hashes pre-authentication?
- Blackbox JTAG Reverse Engineering: Felix Domke of Wii and Xbox360 hacking fame. Perhaps he’ll announce a new console break simultaneously?
- How you can build an eavesdropper for a quantum cryptosystem: I’ve been an opponent of quantum crypto for a long time. However, some people don’t get the message until attacks are implemented so this is great to see.
Others that may be interesting but haven’t posted slides or papers yet:
- Using OpenBSC for fuzzing of GSM handsets: lots of work being done to open up access to GSM, which is overdue for open-source access. Maybe CDMA is next?
- Finding the key in the haystack: intro to differential power analysis, focused on AES
- Building a Debugger: mostly interested in what direction Travis may be going with glitching
- GSM: SRSLY?
- DECT (Part II)
Hope everyone at 26c3 has a great time. Best wishes for a safe and secure 2010.
rdist 
Sigh. I’m not sure how I feel about the GSM attacks.
The hand-waving assertion in the SRSLY talk that criminals are cracking GSM all the time smells strongly of fish to me. If there are criminal gangs out there of sufficient skill to replicate the work these guys are doing, they’re surely in the tiny minority. And the ability of governments to break it is no news, it must be taken for granted by any even remotely clueful criminal, I mean Hollywood has only been showing location traces and intercepts in films for the last 10 years or so.
It’s not even telling the world something new or interesting. GSM security was known to be vulnerable, that’s why UMTS does mutual handset/network authentication and isn’t vulnerable to the kasumi downgrade attacks. Releasing the tools people need to practically exploit GSM isn’t going to magically speed up 3G deployments.
As is often the case with advanced security research, it seems likely to me that the only people who will benefit from it are bad guys who don’t have the skill level needed to do the work themselves, which I feel sure is the vast majority.
I was with you until the “bad guys” part. I think this announcement and publicity was premature. Basically they reached a milestone of getting all the data together, but it’s not yet in a sorted and cleaned up form. That’s great, but probably not the most effective time to make a big splash since so much isn’t complete, as you point out. It leaves room for industry FUD.
Compare this to the EFF DES Cracker. They went public after they had cracked the DES Challenge key, not when the first prototype chips came online. That was the right moment to have the biggest impact on getting banks to change over from single DES.
BTW thanks for the links. I found two other talks that are of direct interest to me and my work:
http://events.ccc.de/congress/2009/Fahrplan/events/3688.en.html
I’ve been working on identifying large numbers of bad/fake spammer ASNs. Who needs botnets when you can just scam RIPE out of huge netblocks?
http://events.ccc.de/congress/2009/Fahrplan/events/3464.en.html
I’ve been developing some of the ideas of liquid democracy on my own. I didn’t know until today that it has a name. Looks like web activity for the term [liquid democracy] is pretty quiet though. It’s good to find a way to connect with others who are using the same ideas. The pirate party connection is unfortunate though.