A side-channel attack involves exploiting information leaked during the execution of a computer program/system. Side-channel attacks take advantage of unintended side effects in normal operations that can reveal sensitive information (often cryptographic keys or higher access privileges). Common side-channel attack vectors include power consumption, EM radiation, timing variations, acoustic signals (e.g., keystrokes), temperature, and processor caches.
Elliptic Curve Cryptography [ECC]
3 November 2023 by Phillip Johnston • Last updated 29 November 2023Elliptic Curve Cryptography (ECC) is an alternative to prime-number based cryptographic algorithms like RSA. ECC is especially interesting to embedded developers due to its efficiency gains. ECC provides higher security with shorter key lengths (a 256-bit ECC key is roughly equivalent to a 3072-bit RSA key in terms of security) It requires less computational power and memory Elliptic curves are applicable for key agreement, digital signatures, and pseudo-random generators. ECC is more often used for signature generation than full-on encryption, but it can be used for such purposes by …
Continue reading “Elliptic Curve Cryptography [ECC]”
Supply Chain Attack
A supply chain attack is when an attacker targets a company’s software supply chain to exploit a target system. This involves compromising software dependencies, vendors, or third-party services.
Provisioning
Provisioning, in the context of an electronic device, refers to the process of configuring a device for use. For most devices, provisioning occurs at the factory, setting up the device with details such as serial numbers, MAC addresses, security keys, and calibration data. Many devices also require a secondary provisioning step that occurs when a customer sets up a device.
ECDSA
ECDSA stands for Elliptic Curve Digital Signature Algorithm. This algorithm is commonly used to create and authenticate digital signatures.
Root of Trust [RoT]
The “Root of Trust” (RoT) is the fundamental security component in the system that is used as the foundation for a Secure Boot process.
Secure Boot
“Secure boot” generally refers to the process of ensuring that only firmware approved by trusted parties can run on a system.
Key Rotation
Key rotation refers to the process of changing encryption keys used to protect or sign data.
Secure Secret Storage
A number of security-related practices involve the use of secrets. Most commonly found are public/private encryption keys, such as Code Signing, encrypted communications, and SSH authentication. You need a way to securely store these secrets to prevent your systems from being compromised.
Code Signing
Code signing is a process of using a cryptographic algorithm to add a “digital signature” to a binary (or other code artifact). This signature is used to ensure the provenance and integrity of the binary.