At this year’s Chaos Communication Congress (24C3), I presented some work I’ve been doing with Saar Drimer: implementing a smart card relay attack and demonstrating that it can be prevented by distance bounding protocols. My talk (abstract) was filmed and the video can be found below. For more information, we produced a webpage and the details can be found in our paper.
Liam Tung from ZDNet Australia has written an article on my talk: Bank card attack: Only Martians are safe.
The CCC is a great conference to attend and a good source of ideas for papers. There were many excellent talks, but here are a few I can particularly recommend (I’m still working though the videos of talks I couldn’t attend in person):
- Current events in Tor development
- Roger Dingledine gives Tor-related news, including anti-censorship features and interaction with law enforcement
- Design Noir
- ladyada talks about controversial electronics projects, including the TV-B-Gone and her own cellphone jammer
- DNS Rebinding And More Packet Tricks
- Dan Kaminsky describes the DNS Rebinding attack and demonstrates tunneling arbitrary TCP streams over a browser
- Karsten Nohl and Henryk Plötz describe how they reverse-engineered the Mifare encryption algorithm, Crypto1, and the weaknesses they discovered
- Steam-Powered Telegraphy
- Jens Ohlig et al. demonstrate their Internet connected (but not quite steam-powered) Telex machine
- What can we do to counter the spies?
- Annie Machon describes her work with MI5, the abuses which caused her to leave, and her life on the run
- Why Silicon-Based Security is still that hard: Deconstructing Xbox 360 Security
- Michael Steil and Felix Domke demonstrate the clever techniques they developed to install Linux on the Xbox 360