Conference:  Defcon 31

Authors: Carlo Meijer Founding Partner and Security Researcher, Midnight Blue, Jos Wetzels Founding Partner and Security Researcher, Midnight Blue, Wouter Bokslag Founding Partner and Security Researcher, Midnight Blue

2023-08-01

In this talk we will discuss the radio jailbreaking journey that enabled us to perform the first public disclosure and analysis of the proprietary cryptography used in TETRA (Terrestrial Trunked Radio): a standard used globally by government agencies, police, prisons, and military operators as well as critical infrastructure such as SCADA telecontrol of oil rigs, pipelines, transportation and electric and water utilities. For decades, the underlying algorithms have remained secret under restrictive NDAs prohibiting public scrutiny of this critical technology. In this talk, we will make public the TETRA cipher suites (TEA and TAA1 to be precise), one of the last bastions of widely deployed secret crypto, and discuss in-depth how we managed to obtain them. We will discuss several different flaws we uncovered allowing passive or active adversaries to intercept and manipulate TETRA traffic, including details of a backdoored stream cipher. This journey involved reverse-engineering and exploiting multiple 0-day vulnerabilities in the popular Motorola MTM5x00 radio and its TI OMAP-L138 TEE and covers everything from side-channel attacks on DSPs to writing your own decompilers. We will also discuss how we gained code execution on and instrumented a Motorola MBTS TETRA base station for research purposes.

Conference:  Defcon 31

Authors: Taiiwo, Artorias, Puck, TheClockworkBird

2023-08-01

his talk will explore the ongoing efforts of the CicadaSolvers community to solve Cicada3301’s Liber Primus, a book of elder futhark runes and codes that has challenged cryptographers and puzzle-solvers since 2014. Using our experiences as leaders within the community, we will delve into the cultural significance of the puzzle and discuss the various strategies and techniques employed by members to crack its code, and the story of their struggle to maintain motivation through 9 years of solving one of the most difficult puzzles ever released. Attendees will gain insights into the future of collaborative puzzle-solving and the challenges that the Liber Primus presents for the future of cryptography. This presentation is suitable for anyone interested in cryptography, puzzle-solving, internet mysteries, and the persistence of collaborative communities. No prior technical knowledge or tools are required.

Conference:  Global AppSec San Francisco 2022

Authors: Jim Manico, semgrep.dev

2022-11-18

The presentation discusses the history and progress of information security testing and the role of OWASP in promoting application security.

• The history of security testing dates back to the Polish researchers who built the first security testing tool to crack Enigma during World War II.
• The first security testing device in modern history is the bomb.
• The OWASP foundation is a non-profit international foundation dedicated to helping people and organizations make informed decisions about application security risk.
• OWASP has released several free guides and tools to promote application security, including the OWASP Top 10 and the Application Security Verification Standard.
• Cross-site scripting is a complicated vulnerability category that requires attention in application security.