From Bitcoin Hardware Wallets to Personal Security Devices
Inside Bitcoins Seoul 2015
Nicolas Bacca, CTO, Ledger
Secure Element solutions architect
Whitehat security reports
https://github.com/btchip/trezor-security-exploits
http://fr.slideshare.net/EricLarcheveque/bitcoin-hardware-wallets-security
About me
LEDGER
Key protection
Malware, (side channels, covert channels)
Independent devices
Static validation only
Check destination, amount
Hardware Wallets today
Confirming a transaction is complicated
Common use case: web purchase is not covered
BIP 70 helps, but is not supported by Hardware Wallets yet
BIP 70 is merchant centric
PKI issues again - how to validate certificates, how to revoke certificates on a disconnected
User Experience limitations
Colored Coins with multiple kernels
Open Assets popular right now
Blockchain proofs
Augur, Bitproof ...
More Smart Contracts in the future
New protocol layers
Sidechains, Hubs
Growing, dynamic use cases for Blockchain applications
Arbitrary signature
Mails, contracts, GnuPG, ...
Arbitrary encryption (export warning …)
Mails, messages, GnuPG, …
Identity
FIDO, SSH, ...
Other generic use cases
User Experience should be customizable
One size doesn’t fit all
Valuable assets go way beyond the transaction amount.
Moving targets for Blockchain applications
More complicated to revoke
Can not just send the coins to another address
Open plug-ins complexity
Additional leak risks if not properly isolated
Growing security concerns
Dynamic applications
Isolation of critical components
Performance (size and speed)
Technical issues
Provisioning strategy
Signed by the device / App Store
Storage
Internal or External
General purpose APIs
First software isolation layer
Dynamic applications
User enrolls the device locally
User signs the generic application
Optionally recompiles / checks it
User installs the signed application
Now specifically trusted for this device
Provisioning strategy (self)
User enrolls the device into App Store
App Store encrypts the application
App Store personalizes the application
Can be device specific, encrypted
Provisioning strategy (app store with secret in apps)
User enrolls the device into App Store
App Store signs the application
App Store personalizes the application
Can be device specific, encrypted
Provisioning strategy (app store with common apps, enrollment)
User downloads a signed application
Provisioning strategy (app store with common apps, no personalization)
Different models
Easier if no secrets in apps, no personalization
Can be mixed
App Store and specific user trusted applications
Provisioning strategy
Requires a fine flash management API
Sectors are too big for some MCUs
Filesystem issues
Reorganizations, wear leveling and anti tearing
Helps for a standalone device
Also for collaboration between applications
Internal storage
Requires “large” available RAM space
Or a mixed storage strategy, not efficient
Not standalone
Need to always have the application around
Replay issues if everything is external
On board application state storage is easier
External storage
Internal Storage easier when possible
Pick the right MCU or use Secure Elements
Otherwise compromises to be made
Application state storage & overall usability
Storage
Isolation of the cryptographic materials
Most important thing to do whatever the use
Different use cases
Wallet plugin or full application oriented
General Purpose APIs
Signature APIs to be validated
Might control but not sign blindly
Handle new outputs, TX formats
For example Payment Protocol or colors
Provide additional TX information
On screen display or confirmation logic
Wallet plugin APIs
API provides basic building blocks
Crypto, I/O
Everything else implemented using it
Full wallet and extensions
Isolation is critical
Typically prevent raw flash reads
Full application oriented API
Way more complex than full isolation
Isolation, with some firewalling logic
Specific implementation can help
Virtual machine easier than bare metal
Also concurrent execution to consider
Way easier if not supporting it
Inter application communication
Architecture to be chosen
“Full” is more flexible, if doable on the platform
Isolation is the most critical asset
Proper crypto APIs are the second one
Key protection, side channel resistant
General Purpose APIs
High level virtual machine
Used in high level languages
Low level virtual machine
CPU emulation, target standard C code
Hardware assisted
Can also help in VM development
Isolation strategies
How easy is it to audit
Carefully audit optimizations (native translation)
Sandbox escaping : type confusion
Raw pointer access risk, invalid bytecode
Sandbox escaping : native interface
Audit argument checks
Security of a High level virtual machine
Well audited security model
Earliest Virtual Machine around
Flexible performance
Different versions, see also Java Card
Complicated licensing
Free/OSS embedded implementations at risk
High level Virtual Machine : Java
Simple security model
Easy to audit (bytecode similar to Java)
Predictable performance
No optimization in the default version
Licensing to be validated
Apache, but some IP claims in the past
High level Virtual Machine : Dalvik
Security model to be validated
Different complex types, lists
Flexible performance
No optimization or machine translation
Open Source licensing
MIT
High level Virtual Machine : microPython
Security model to be validated
Different complex types
Predictable performance
No optimization
Open Source licensing
MIT
High level Virtual Machine : embedded Lua
How easy is it to audit
Carefully audit optimizations (native translation)
Sandbox escaping : native interface
Audit argument checks
Security of a Low level virtual machine
Very simple architecture
No risks
Predictable performance
No optimization
Open Source licensing
MIT
Low level Virtual Machine : moxie
Memory Protection Unit
Isolate memory areas (flash / RAM)
Supervisor mode
Lock the MPU
MPU + SU enable “trap” service calls
Isolate the core APIs and the applications
Hardware assisted isolation
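Added example (not from the slides and not Ledger's code): a host-side simulation of the supervisor handler behind a "trap" service call, showing the argument checks that the "Sandbox escaping : native interface" slides say to audit. The memory map, service numbers and function names are assumptions made for illustration; the naive check is the "before" form, the subtraction-based check the hardened one.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed memory map for a simulated device (not a real MCU layout). */
#define MEM_SIZE   0x400u
#define KEY_ADDR   0x100u /* core-only region: private key material */
#define KEY_LEN    32u
#define APP_BASE   0x200u /* RAM window the MPU grants to the application */
#define APP_SIZE   0x200u
#define PUB_LEN    33u
#define SCREEN_MAX 64u

/* Hypothetical service numbers and return codes. */
enum { SVC_GET_PUBKEY = 1, SVC_DISPLAY = 2 };
enum { SVC_OK = 0, SVC_EFAULT = -1, SVC_EINVAL = -2, SVC_ENOSYS = -3 };

static uint8_t mem[MEM_SIZE];      /* simulated address space */
static uint8_t screen[SCREEN_MAX]; /* what the trusted display would show */
static uint32_t screen_len;

/* Reset the simulation and place `text` at the start of the app window. */
uint32_t sim_load_app_text(const char *text) {
    uint32_t n = (uint32_t)strlen(text);
    if (n > APP_SIZE) n = APP_SIZE;
    memset(mem, 0, sizeof mem);
    memset(mem + KEY_ADDR, 0xA5, KEY_LEN); /* constructed "secret" */
    memset(screen, 0, sizeof screen);
    screen_len = 0;
    memcpy(mem + APP_BASE, text, n);
    return n;
}

/* "Before": looks right, but addr + len wraps modulo 2^32. */
int naive_range_ok(uint32_t addr, uint32_t len) {
    return addr >= APP_BASE && (uint32_t)(addr + len) <= APP_BASE + APP_SIZE;
}

/* "After": subtract instead of add, so no intermediate value can wrap. */
int app_range_ok(uint32_t addr, uint32_t len) {
    if (addr < APP_BASE) return 0;
    uint32_t off = addr - APP_BASE;
    if (off > APP_SIZE) return 0;
    return len <= APP_SIZE - off;
}

/* Supervisor-side handler reached through the trap. The application runs
 * unprivileged behind the MPU, but this code runs with full access, so every
 * address it receives must be proven to lie inside the caller's own window. */
int svc_dispatch(uint32_t num, uint32_t addr, uint32_t len) {
    switch (num) {
    case SVC_GET_PUBKEY: /* core WRITES into an app buffer */
        if (len < PUB_LEN) return SVC_EINVAL;
        if (!app_range_ok(addr, PUB_LEN)) return SVC_EFAULT;
        mem[addr] = 0x02; /* constructed compressed-key bytes */
        memset(mem + addr + 1, 0x11, PUB_LEN - 1);
        return SVC_OK;
    case SVC_DISPLAY: /* core READS from an app buffer */
        if (len > SCREEN_MAX) return SVC_EINVAL;
        if (!app_range_ok(addr, len)) return SVC_EFAULT;
        memcpy(screen, mem + addr, len);
        screen_len = len;
        return SVC_OK;
    default:
        return SVC_ENOSYS;
    }
}

int main(void) {
    uint32_t n = sim_load_app_text("Pay 1 BTC");
    printf("display app text     -> %d\n", svc_dispatch(SVC_DISPLAY, APP_BASE, n));
    printf("display core key     -> %d\n", svc_dispatch(SVC_DISPLAY, KEY_ADDR, KEY_LEN));
    printf("pubkey over core key -> %d\n", svc_dispatch(SVC_GET_PUBKEY, KEY_ADDR, PUB_LEN));
    printf("buffer past window   -> %d\n", svc_dispatch(SVC_DISPLAY, 0x3F8u, 16));
    printf("wrapping length: naive=%d hardened=%d\n",
           naive_range_ok(0x3F0u, 0xFFFFFFF0u), app_range_ok(0x3F0u, 0xFFFFFFF0u));
    return 0;
}
```

Without the range check, the display call would copy core memory to the screen and the public-key call would overwrite it, which is why the handler, not the MPU alone, carries the isolation guarantee.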
Optional for ARM M3 MCUs
Found in some MCUs, not entry level
Common for ARM Secure Elements
SC000 / SC300
Hardware assisted isolation support
Native isolation when supported
C code with native performance
Moxie VM when not supported
Source code portability
Optional lightweight Dalvik on top
For Java (Card) developers
Ledger implementation
Java Card playground for the high level API
https://github.com/ledgerhq/ledger-javacard (soon)
Trusted Execution Environment public beta, high level isolation prototype
Open Source isolation product coming up Jan 2016 for developers (Ledger Blue : USB, BLE, NFC, screen)
Follow up with Ledger
@LedgerHQ
Thank you
 
Grateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdfGrateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdfPaul Menig
 
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Dipal Arora
 
A DAY IN THE LIFE OF A SALESMAN / WOMAN
A DAY IN THE LIFE OF A  SALESMAN / WOMANA DAY IN THE LIFE OF A  SALESMAN / WOMAN
A DAY IN THE LIFE OF A SALESMAN / WOMANIlamathiKannappan
 
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service AvailableCall Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service AvailableDipal Arora
 
Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine ServiceCall Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine Serviceritikaroy0888
 
Monte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMMonte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMRavindra Nath Shukla
 
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876dlhescort
 
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
VIP Call Girls In Saharaganj ( Lucknow  ) 🔝 8923113531 🔝  Cash Payment (COD) 👒VIP Call Girls In Saharaganj ( Lucknow  ) 🔝 8923113531 🔝  Cash Payment (COD) 👒
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒anilsa9823
 
Insurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usageInsurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usageMatteo Carbone
 

Kürzlich hochgeladen (20)

B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptx
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptxB.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptx
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptx
 
Cracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxCracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptx
 
Monthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptxMonthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptx
 
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabiunwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
 
KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...
KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...
KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...
 
Famous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st CenturyFamous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st Century
 
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
 
Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...
 
VIP Call Girls Gandi Maisamma ( Hyderabad ) Phone 8250192130 | ₹5k To 25k Wit...
VIP Call Girls Gandi Maisamma ( Hyderabad ) Phone 8250192130 | ₹5k To 25k Wit...VIP Call Girls Gandi Maisamma ( Hyderabad ) Phone 8250192130 | ₹5k To 25k Wit...
VIP Call Girls Gandi Maisamma ( Hyderabad ) Phone 8250192130 | ₹5k To 25k Wit...
 
Boost the utilization of your HCL environment by reevaluating use cases and f...
Boost the utilization of your HCL environment by reevaluating use cases and f...Boost the utilization of your HCL environment by reevaluating use cases and f...
Boost the utilization of your HCL environment by reevaluating use cases and f...
 
Event mailer assignment progress report .pdf
Event mailer assignment progress report .pdfEvent mailer assignment progress report .pdf
Event mailer assignment progress report .pdf
 
Grateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdfGrateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdf
 
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
 
A DAY IN THE LIFE OF A SALESMAN / WOMAN
A DAY IN THE LIFE OF A  SALESMAN / WOMANA DAY IN THE LIFE OF A  SALESMAN / WOMAN
A DAY IN THE LIFE OF A SALESMAN / WOMAN
 
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service AvailableCall Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
 
Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine ServiceCall Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine Service
 
Monte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMMonte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSM
 
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
 
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
VIP Call Girls In Saharaganj ( Lucknow  ) 🔝 8923113531 🔝  Cash Payment (COD) 👒VIP Call Girls In Saharaganj ( Lucknow  ) 🔝 8923113531 🔝  Cash Payment (COD) 👒
VIP Call Girls In Saharaganj ( Lucknow ) 🔝 8923113531 🔝 Cash Payment (COD) 👒
 
Insurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usageInsurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usage
 

From Bitcoin Hardware Wallets to Personal Privacy Devices

  • 1. From Bitcoin Hardware Wallets to Personal Security Devices Inside Bitcoins Seoul 2015
  • 2. Nicolas Bacca, CTO, Ledger Secure Element solutions architect Whitehat security reports https://github.com/btchip/trezor-security-exploits http://fr.slideshare.net/EricLarcheveque/bitcoin-hardware-wallets-security About me LEDGER
  • 3. Key protection Malware, (side channels, covert channels) Independent devices Static validation only Check destination, amount Hardware Wallets today
  • 4. Confirming a transaction is complicated Common use case : web purchase is not covered BIP 70 helps, but is not supported by Hardware Wallets yet BIP 70 is merchant centric PKI issues again - how to validate certificates, how to revoke certificates on a disconnected User Experience limitations LEDGER
  • 5. Colored Coins with multiple kernels Open Assets popular right now Blockchain proofs Augur, Bitproof ... More Smart Contracts in the future New protocol layers Sidechains, Hubs Growing, dynamic use cases for Blockchain applications LEDGER
  • 6. Arbitrary signature Mails, contracts, GnuPG, ... Arbitrary encryption (export warning …) Mails, messages, GnuPG, … Identity FIDO, SSH, ... Other generic use cases LEDGER
  • 7. User Experience should be customizable One size doesn’t fit all Valuable assets go way beyond the transaction amount. Moving targets for Blockchain applications LEDGER
  • 8. More complicated to revoke Can not just send the coins to another address Open plug-ins complexity Additional leak risks if not properly isolated Growing security concerns LEDGER
  • 9. Dynamic applications Isolation of critical components Performance (size and speed) Technical issues LEDGER
  • 10. Provisioning strategy Signed by the device / App Store Storage Internal or External General purpose APIs First software isolation layer Dynamic applications LEDGER
  • 11. User enrolls the device locally User signs the generic application Optionally recompiles / checks it User installs the signed application Now specifically trusted for this device Provisioning strategy (self) LEDGER
  • 12. User enrolls the device into App Store App Store encrypts the application App Store personalizes the application Can be device specific, encrypted Provisioning strategy (app store with secret in apps) LEDGER
  • 13. User enrolls the device into App Store App Store signs the application App Store personalizes the application Can be device specific, encrypted Provisioning strategy (app store with common apps, enrollment) LEDGER
  • 14. User downloads a signed application Provisioning strategy (app store with common apps, no personalization) LEDGER
  • 15. Different models Easier if no secrets in apps, no personalization Can be mixed App Store and specific user trusted applications Provisioning strategy LEDGER
  • 16. Requires a fine flash management API Sectors are too big for some MCUs Filesystem issues Reorganizations, wear leveling and anti tearing Helps for a standalone device Also for collaboration between applications Internal storage LEDGER
  • 17. Requires “large” available RAM space Or a mixed storage strategy, not efficient Not standalone Need to always have the application around Replay issues if everything is external On board application state storage is easier External storage LEDGER
  • 18. Internal Storage easier when possible Pick the right MCU or use Secure Elements Otherwise compromises to be made Application state storage & overall usability Storage LEDGER
  • 19. Isolation of the cryptographic materials Most important thing to do whatever the use Different use cases Wallet plugin or full application oriented General Purpose APIs LEDGER
  • 20. Signature APIs to be validated Might control but not sign blindly Handle new outputs, TX formats For example Payment Protocol or colors Provide additional TX information On screen display or confirmation logic Wallet plugin APIs LEDGER
  • 21. API provide basic building blocks Crypto, I/O Everything else implemented using it Full wallet and extensions Isolation is critical Typically prevent raw flash reads Full application oriented API LEDGER
  • 22. Way more complex than full isolation Isolation, with some firewalling logic Specific implementation can help Virtual machine easier than bare metal Also concurrent execution to consider Way easier if not supporting it Inter application communication LEDGER
  • 23. Architecture to be chosen “Full” is more flexible, if doable on the platform Isolation is the most critical asset Proper crypto APIs is the second one Key protection, side channel resistant General Purpose APIs LEDGER
  • 24. High level virtual machine Used in high level languages Low level virtual machine CPU emulation, target standard C code Hardware assisted Can also help in VM development Isolation strategies LEDGER
  • 25. How easy is it to audit Carefully audit optimizations (native translation) Sandbox escaping : type confusion Raw pointer access risk, invalid bytecode Sandbox escaping : native interface Audit argument checks Security of a High level virtual machine LEDGER
  • 26. Well audited security model Earliest Virtual Machine around Flexible performance Different versions, see also Java Card Complicated licensing Free/OSS embedded implementations at risk High level Virtual Machine : Java LEDGER
  • 27. Simple security model Easy to audit (bytecode similar to Java) Predictable performance No optimization in the default version Licensing to be validated Apache, but some IP claims in the past High level Virtual Machine : Dalvik LEDGER
  • 28. Security model to be validated Different complex types, lists Flexible performance No optimization or machine translation Open Source licensing MIT High level Virtual Machine : microPython LEDGER
  • 29. Security model to be validated Different complex types Predictable performance No optimization Open Source licensing MIT High level Virtual Machine : embedded Lua LEDGER
  • 30. How easy is it to audit Carefully audit optimizations (native translation) Sandbox escaping : native interface Audit argument checks Security of a Low level virtual machine LEDGER
  • 31. Very simple architecture No risks Predictable performance No optimization Open Source licensing MIT Low level Virtual Machine : moxie LEDGER
  • 32. Memory Protection Unit Isolate memory areas (flash / RAM) Supervisor mode Lock the MPU MPU + SU enable “trap” service calls Isolate the core APIs and the applications Hardware assisted isolation LEDGER
  • 33. Optional for ARM M3 MCUs Found in some MCU, not entry level Common for ARM Secure Elements SC000 / SC300 Hardware assisted isolation support LEDGER
  • 34. Native isolation when supported C code with native performance Moxie VM when not supported Source code portability Optional lightweight Dalvik on top For Java (Card) developers Ledger implementation LEDGER
  • 35. Java Card playground for the high level API https://github.com/ledgerhq/ledger-javacard (soon) Trusted Execution Environment public beta, high level isolation prototype Open Source isolation product coming up Jan 2016 for developers (Ledger Blue : USB, BLE, NFC, screen) Follow up with Ledger LEDGER @LedgerHQ
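
Slides 21, 25, 30 and 32 come down to one point: once the MPU and supervisor mode force applications through trapped service calls, the core must range-check every pointer argument, or an application can ask the core to read protected memory on its behalf. The sketch below is an added example, not Ledger's code; the service numbers, `svc_dispatch`, `in_app_ram` and the two arrays standing in for MPU regions are hypothetical and chosen so that it runs on a host.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define APP_RAM_SIZE 256u

/* Host-side stand-ins (constructed): on a device these are MPU regions. */
uint8_t app_ram[APP_RAM_SIZE];   /* the only memory the application may name */
uint8_t core_key[32] = { 0xA5 }; /* core-only secret, never reachable by apps */

enum { SVC_OK = 0, SVC_ERR_ID = -1, SVC_ERR_RANGE = -2 };
enum { SVC_FILL = 1, SVC_COPY = 2 };

/* Returns 1 if [addr, addr+len) lies wholly inside app_ram. addr+len is never
   computed, so a huge len cannot wrap the check around. */
static int in_app_ram(uintptr_t addr, size_t len)
{
    uintptr_t base = (uintptr_t)app_ram;
    if (addr < base)
        return 0;
    uintptr_t off = addr - base;
    if (off > APP_RAM_SIZE)
        return 0;
    return len <= APP_RAM_SIZE - off;
}

/* Core-side handler reached through the service-call trap. Every argument is
   a raw register value chosen by the untrusted application. */
int svc_dispatch(uint32_t id, uintptr_t a0, uintptr_t a1, size_t len)
{
    switch (id) {
    case SVC_FILL: /* fill len bytes at a0 with the low byte of a1 */
        if (!in_app_ram(a0, len))
            return SVC_ERR_RANGE;
        memset((void *)a0, (int)(a1 & 0xFF), len);
        return SVC_OK;
    case SVC_COPY: /* copy len bytes from a1 to a0; both must be app memory */
        if (!in_app_ram(a0, len) || !in_app_ram(a1, len))
            return SVC_ERR_RANGE;
        memmove((void *)a0, (const void *)a1, len);
        return SVC_OK;
    default:
        return SVC_ERR_ID;
    }
}

int main(void)
{
    /* A confused-deputy request: ask the core to copy its key into app RAM. */
    int r = svc_dispatch(SVC_COPY, (uintptr_t)app_ram, (uintptr_t)core_key, 32);
    return r == SVC_ERR_RANGE ? 0 : 1;
}
```

The MPU alone does not stop this class of bug, because the copy runs in supervisor mode where the core region is readable; the range check in the dispatcher is what the "audit argument checks" bullets refer to.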