You can often hear security engineers saying βdo not design your cryptosystems, especially if you donβt know anything about themβ. Nah, ignore it. What can really go wrong?
Imagine you have a radio-controlled βπβπ¨β toy car.
Itβs very popular and has an open-source firmware with a large community around. Your car uses secure protocol to communicate with remote control and can drive on a long distance.
Is it protected from the hijackers now? Well, we doubt a lot π€, as crypto bugs can sit in the code invisibly until itβs too late to notice them.
What can happen?
π Static IV in CBC fails to achieve probabilistic encryption
π AES-CBC Padding Oracle attack
π AES-CTR is broken using fixed nonce
π Encrypted messages integrity is not protected
π Side channels and replay attacks
π and thatβs still not all folks.
Read our new article π Cryptographic failures in RF encryption allow stealing robotic devices π and play interactive demo games to learn how your robotic devices can be stolen from you by someone with a radio antenna.
Top comments (0)