You can often hear security engineers saying “do not design your cryptosystems, especially if you don’t know anything about them”. Nah, ignore it. What can really go wrong?
Imagine you have a radio-controlled 🚗💨 toy car.
It’s very popular and has an open-source firmware with a large community around. Your car uses secure protocol to communicate with remote control and can drive on a long distance.
Is it protected from the hijackers now? Well, we doubt a lot 🤔, as crypto bugs can sit in the code invisibly until it’s too late to notice them.
What can happen?
🔘 Static IV in CBC fails to achieve probabilistic encryption
🔘 AES-CBC Padding Oracle attack
🔘 AES-CTR is broken using fixed nonce
🔘 Encrypted messages integrity is not protected
🔘 Side channels and replay attacks
🙀 and that’s still not all folks.
Read our new article 👉 Cryptographic failures in RF encryption allow stealing robotic devices 👈 and play interactive demo games to learn how your robotic devices can be stolen from you by someone with a radio antenna.
Top comments (0)