Security. Cryptography. Whatever. - Nate Lawson: Part 1 - Deirdre Connolly, Thomas Ptacek, David Adrian | Podcast | Liulo.fm - Podcast & Audio Platform

Nate Lawson: Part 1

SEP 09, 2022

Security. Cryptography. Whatever.

Play

Description Community

About

We bring on Nate Lawson of Root Labs to talk about a little bit of everything, starting with cryptography in the 1990s.

References

IBM S/390: https://ieeexplore.ieee.org/document/5389176
SSLv2 Spec: https://www-archive.mozilla.org/projects/security/pki/nss/ssl/draft02.html
Xbox 360 HMAC: https://beta.ivc.no/wiki/index.php/Xbox_360_Timing_Attack
Google Keyczar HMAC bug (reported by Nate): https://rdist.root.org/2009/05/28/timing-attack-in-google-keyczar-library/

Errata

HMAC actually published in 1996, not 1997
"That was one of the first, I think hardware applications of DPA was, was, um, satellite TV cards." Not true, they first were able to break Mondex, a MasterCard smart card

"Security. Cryptography. Whatever." is hosted by Deirdre Connolly, Thomas Ptacek, and David Adrian.

Transcript: https://share.descript.com/view/lhzrbt6hDeL

Comments