Sveriges mest populära poddar
CyberWire Daily

IoT security and the need for randomness. [Research Saturday]

32 min2 oktober 2021

Dan Petro, Lead Researcher, and Allan Cecil, Security Consultant, from Bishop Fox join Dave to share their research "You're Doing IoT RNG," that they presented at DefCon 29. There’s a crack in the foundation of Internet of Things (IoT) security, one that affects 35 billion devices worldwide. Basically, every IoT device with a hardware random number generator (RNG) contains a serious vulnerability whereby it fails to properly generate random numbers, which undermines security for any upstream use. In order to perform most security-relevant operations, computers need to generate secrets via an RNG. These secrets then form the basis of cryptography, access controls, authentication, and more. The details of exactly how and why these secrets are generated varies for each use.

The research can be found here:

Learn more about your ad choices. Visit megaphone.fm/adchoices

CyberWire Daily med N2K Networks finns tillgänglig på flera plattformar. Informationen på denna sida kommer från offentliga podd-flöden.