Shmoocon 2016: Computing In A Post Quantum World

There’s nothing more dangerous, so the cryptoheads say, than quantum computing. Instead of using the state of a transistor to hold the value of a bit as in traditional computers, quantum computers use qubits, or quantum information like the polarization of a photon. According to people who know nothing about quantum computers, they are the beginning of the end, the breaking of all cryptography, and the Rise of the Machines. Lucky for us, [Jean-Philippe Aumasson] actually knows a thing or two about quantum computers and was able to teach us a few things at his Shmoocon talk this weekend, “Crypto and Quantum and Post Quantum”.

This talk is the continuation of [Jean-Philippe]’s DEF CON 23 talk that covered the basics of quantum computing (PDF). In short, quantum computers are not fast – they’re just coprocessors for very, very specialized algorithms. Quantum computers do not say P=NP, and cannot be used on NP-hard problems, anyway. The only thing quantum computers have going for them is the ability to completely destroy public key cryptography. Any form of cryptography that uses RSA, Diffie-Hellman, or elliptic curves is completely and totally broken. With quantum computers, we’re doomed. That’s okay, according to the DEF CON talk – true quantum computers may never be built.

The astute reader would question the fact that quantum computers may never be built. After all, D-Wave is selling quantum computers to Google, Lockheed, and NASA. These are not true quantum computers. Even if they’re 100 Million times faster than a PC, they’re only faster for one very specific algorithm. These computers cannot simulate a universal quantum computer. They cannot execute Shor’s algorithm, an algorithm that finds the prime factors of an integer. They are not scalable, they are not fault-tolerant, and they are not universal quantum computers.

As far as true quantum computers go, the largest that has ever been manufactured only contains a handful of qubits. To crack RSA and the rest of cryptography, millions of qubits are needed. Some algorithms require quantum RAM, which nobody knows how to build. Why then is quantum computing so scary? RSA, ECC, Diffie-Hellman, PGP, SSH and Bitcoin would die overnight if quantum computers existed. That’s a far scarier proposition than someone hijacking your self-driving car or changing the display on a smart, Internet-connected thermostat from Fahrenheit to Celsius.

What is the verdict on quantum computers? Not too great, if you ask [Jean-Philippe]. In his opinion, it will be 100 years until we have a quantum computer. Until then, crypto is safe, and the NSA isn’t going to break your codez if you use a long-enough key.

Random Parcel Launches Steganographic Compulsion

A mysterious CD arrives in the mail with a weird handwritten code on it. What should you do? Put it in the computer and play the thing, of course!

Some might be screaming at their screens right now… this is how modern horror films start and before you know it the undead are lurking behind you waiting to strike. Seasonal thrills aside, this is turning into an involved community effort to solve the puzzle. [Johny] published the video and posted a thread on reddit.

We ran a similar augmented reality game to launch the 2014 Hackaday Prize, which was solved by a dedicated group of hackers. It’s really hard to design puzzles that won’t be immediately solved but can eventually be solved with technology and a few mental leaps. When we come across one of these extremely clever puzzles, we take note.

This has all the hallmarks of a good time. The audio spectrogram shows hidden data embedded in the file — a technique known as steganography. There are some real contortions to make meaning from this. When you’re looking for a solution, any little hint of a pattern feels like you’ve found something. But searching for the decrypted string yields a YouTube video with the same name; we wonder if they’ve tried to recover steganographic data from that source?

[Johny] mentions that this parcel was unsolicited and that people have suggested it’s a threat or something nonsensical in its entirety. We’re hoping it’s a publicity stunt and we’re all disappointed in the end, because solving the thing is the best part and publicity wouldn’t work if there was no solution.

The bright minds of the Hackaday community should be the ones who actually solve this. So get to work and let us know what you figure out!

Arduino’s Long-Awaited Improved WiFi Shield

Announced at the 2014 Maker Faire in New York, the latest Arduino WiFi shield is finally available. This shield replaces the old Arduino WiFi shield, while providing a few neat features that will come in very handy for the yet-to-be-developed Internet of Things.

While the WiFi Shield 101 was announced a year ago, the feature set was interesting. The new WiFi shield supports 802.11n, and thanks to a few of Atmel’s crypto chip offerings, this shield is the first official Arduino offering to support SSL.

The new Arduino WiFi Shield 101 features an Atmel ATWINC1500 module for 802.11 b/g/n WiFi connectivity. This module, like a dozen or so other WiFi modules, handles the heavy lifting of the WiFi protocol, including TCP and UDP protocols, leaving the rest of the Arduino free to do the actual work. While the addition of 802.11n will be increasingly appreciated as these networks become more commonplace, the speed offered by ~n isn’t really applicable; you’re not going to be pushing bits out of an Arduino at 300 Mbps.

Also included on the WiFi shield is an ATECC508A CryptoAuthentication chip. This is perhaps the most interesting improvement over the old Arduino WiFi shield, and allows for greater security for the upcoming Internet of Things. WiFi modules already in the space have their own support for SSL, including TI’s CC3200 series of modules, Particle’s Internet of Things modules, and some support for the ESP8266.

A protoboard layout for an ATtiny85 door chime

AES-CMAC On An ATtiny85

[Blancmange] built a custom door chime using an ATtiny85. Unlike most commercial products out there, this one actually tries to be secure, using AES-CMAC for message signing.

The hardware is pretty simple, and a protoboard layout is shown in the image above. It uses the ATtiny85 for control, with an LM380N audio amplifier, and a low cost 315 MHz receiver.

The more impressive part of the build is the firmware. Using AVR assembly, [Blancmange] managed to fit everything into the 8 Kbytes of flash on the ATtiny85. This includes an implementation of AES-CMAC, an AES cipher-based message authentication code. The transmitting device signs the request with a key shared between both devices, and the receiver verifies that the message is from a trusted transmitter.

Fortunately, the assembly code is very well commented. If you’ve ever wanted to take a look into some complex assembly, this is a great project to check out. The source code has been released into the public domain, so the rest of us can implement crypto on this cheap microcontroller with much less effort.

SAINTCON Badge (Badge Hacking For Mortals)

[Josh] attended his first SAINTCON the weekend before last and had a great time participating in the badge hacking challenge.

The 2014 SAINTCON is only the second time that the conference has been open to the public. They give out conference badges which are just an unpopulated circuit board. This makes a lot of sense if you figure the number of people who actually hack their badges at conferences is fairly low. So he headed off to the hardware hacking village to solder on the components by hand — it’s an Arduino clone.

This is merely the start of the puzzle. We really like that the published badge resources include a crash course on how to read a schematic. The FAQ also attests that the staff won’t solder it for you and to get your microcontroller you have to trade in your security screw (nice touch). Once up and running you need to pull up the terminal on the chip and solve the puzzles in the firmware’s menu system. This continues with added hardware for each round: an IR receiver, thermistor, EEPROM, great stuff if you’re new to microcontrollers.

[Josh] mentions that this is nothing compared to the DEFCON badge. Badge hacking at DEFCON is **HARD**; and that’s good. It’s in the top-tier of security conferences and people who start the badge-solving journey expect the challenge. But if you’re not ready for that level of puzzle, DEFCON does have other activities like Darknet. That is somewhere in the same ballpark as the SAINTCON badge — much more friendly to those just beginning to develop their crypto and hardware hacking prowess. After all, everyone’s a beginner at some point. If that’s you, quit making excuses and dig into something fun like this!

The Solution To The 10th Anniversary Code

A few weeks ago, [1o57], a.k.a. [Ryan Clarke] gave a talk about puzzles, DEFCON, and turning crypto puzzles into an art form at our 10th anniversary party. Ever the trickster, [1o57] included a crypto challenge in his talk, and a few days after our little shindig, nobody had yet solved the puzzle. Finally, someone bothered to sit down and figure it out. We don’t know what [tahnok] won, but as [1o57] said, solving it is its own reward.

Some of the slides in the presentation had a few characters sitting off to the side for no apparent reason. [tahnok] put these together and came up with:

DOXIYLDCYVDKIKNKUMKRYDNBYGONYMNXOC

In cases like this, you might try a Caesar cipher, or just shifting characters to the left or right a certain number of places. Since [1o57] noted this was the tenth anniversary of Hackaday, [tahnok] tried that first:

TENYOBTSOLTAYADAKCAHOTDROWEDOCDNES

It doesn’t look like much, but that’s only because the string is backwards. Tricky, tricky, tricky. With instructions to send a codeword to an email address, [tahnok] now needed to find a code word. There was one picture [1o57] put up on Twitter that was still an unsolved part of the puzzle:

men

With no idea what these little stickmen are, he scoured Google with variants of ‘stickmen code’ and ‘semaphore’ until he hit upon the Sherlock Holmes story, The Adventure of the Dancing Men. It’s a simple substitution cypher, translated to, “codeword psychobilly ciphers”

And that’s the entire puzzle. As far as we know, this took about a month to solve, and compared to the DEFCON challenges, was fairly simple. [1o57] will probably chime in down in the comments to tell everyone how many people have picked up on the clues and sent an email.
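The first stage of the puzzle can be reproduced without guessing the shift or noticing the reversal by hand. The following is an added example, not code from [tahnok] or [1o57]: it tries all 26 Caesar shifts, reads each result forwards and backwards, and ranks the 52 candidates against a small constructed word list (the word list and function names are assumptions made for this illustration).

```python
from string import ascii_uppercase as ALPHA

CIPHERTEXT = "DOXIYLDCYVDKIKNKUMKRYDNBYGONYMNXOC"  # string quoted in the post

# Constructed word list (an assumption, not from the post) used to rank candidates.
COMMON_WORDS = ("THE", "AND", "FOR", "YOU", "THIS", "THAT", "WITH", "FROM",
                "SEND", "CODE", "WORD", "MAIL", "DAY", "LOST", "NET")


def shift_back(text, k):
    """Move every A-Z letter k places back in the alphabet (Caesar decryption)."""
    s = (-k) % 26
    return text.translate(str.maketrans(ALPHA, ALPHA[s:] + ALPHA[:s]))


def score(text):
    """Sum of the lengths of the listed words that occur in the text."""
    return sum(len(w) for w in COMMON_WORDS if w in text)


def candidates(ciphertext):
    """Yield (shift, reversed?, plaintext) for all 26 shifts, read both ways."""
    for k in range(26):
        plain = shift_back(ciphertext, k)
        yield k, False, plain
        yield k, True, plain[::-1]


def crack(ciphertext):
    """Return the best-scoring (shift, reversed?, plaintext) candidate."""
    return max(candidates(ciphertext), key=lambda c: score(c[2]))


if __name__ == "__main__":
    k, rev, plain = crack(CIPHERTEXT)
    print(f"shift={k} reversed={rev} score={score(plain)}: {plain}")
```

Letter-frequency scoring alone cannot tell a string from its mirror image, which is why the ranking here looks for whole words.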

The CryptoCape For BeagleBone

[Josh Datko] was wandering around HOPE X showing off some of his wares and was kind enough to show off his CryptoCape to us. It’s an add on board for the BeagleBone that breaks out some common crypto hardware to an easily interfaced package.

On board the CryptoCape is an Atmel Trusted Platform Module, an elliptic curve chip, a SHA-256 authenticator, an encrypted EEPROM, a real time clock, and an ATMega328p for interfacing to other components and modules on the huge prototyping area on the cape.

[Josh] built the CryptoCape in cooperation with Sparkfun, so if you’re not encumbered with a bunch of export restrictions, you can pick one up there. Pic of the board below.
