Program
 |
‹
Tuesday, July 20, 2021 ›
|
|
08:00
09:00
10:00
11:00
12:00
13:00
14:00
15:00
16:00
17:00
18:00
|
›9:00 (1h30)
Black box reverse engineering of wireless communication protocols -
Romain Cayre and Florent Galtier
Romain Cayre and Florent Galtier, LAAS-CNRS, Apsys Lab
Black box analysis of a wireless keyboard : in this talk, we will present the reverse engineering process of an undocumented proprietary wireless communication protocol used by a wireless keyboard. It describes the methodology allowing to understand the physical and the link layers of the protocol and how to build some custom tools to sniff and inject packets. Multiple proofs of concept will be presented, especially a radio keylogger and a keystrokes injection tool.
›11:00 (1h30)
Security of BLE communications -
Romain Cayre and Florent Galtier
Romain Cayre and Florent Galtier, LAAS-CNRS, Apsys Lab
Bluetooth Low Energy (BLE) is nowadays one of the most popular wireless communication protocols for Internet of Things (IoT) devices. As a result, several attacks have targeted this protocol or its implementations in recent years, illustrating the growing interest for this technology. However, some major challenges remain from an offensive perspective, such as injecting arbitrary frames, hijacking the Slave role or performing a Man-in-The-Middle in an already established connection. In this presentation we describe a novel attack called InjectaBLE, allowing to inject malicious traffic into an existing connectionn, and describe some examples of real attack scenarios.
›14:00 (1h)
Side Channel Attacks in Embedded Systems -
Florent Bruguier
Florent Bruguier, LIRMM, Montpellier anf Vincent Migliore, INSA Toulouse, LAAS-CNRS
First, we will introduce the principle of side-channel attacks, especially those based on power consumption or electromagnetic emissions. Then, we will propose a practical training based on the implementation of such attacks. The objective of this lab is to implement a correlation attack on a PRESENT 128-bit cryptoprocessor implemented on FPGA. The trainees will have to code the attack (CPA) on the last round of encryption using the Hamming distance method. They will have at their disposal the ciphered texts and the corresponding electromagnetic measurements carried out beforehand on one of the LIRMM attack benches
›15:30 (2h30)
Side Channel Attacks in Embedded Systems (Lab) -
Florent Bruguier
Florent Bruguier, LIRMM, Montpellier and Vincent Migliore, INSA Toulouse, LAAS-CNRS
First, we will introduce the principle of side-channel attacks, especially those based on power consumption or electromagnetic emissions. Then, we will propose a practical training based on the implementation of such attacks. The objective of this lab is to implement a correlation attack on a PRESENT 128-bit cryptoprocessor implemented on FPGA. The trainees will have to code the attack (CPA) on the last round of encryption using the Hamming distance method. They will have at their disposal the ciphered texts and the corresponding electromagnetic measurements carried out beforehand on one of the LIRMM attack benches
|
|
Session |
|
Speech |
|
Logistics |
|
Break |
|
Tour |
|
Loading...