Collaborate Disseminate
As an Automotive Security Professional, my state of the art approach to implement a Secure Access would be to have an ECU generate a challenge (nonce + ID), forward it to the tester who can pass the challenge to the backend system which si… Continue reading Is the Seed-And-Key Challenge-Response used in Automotive Security really secure?
The specifications for TLS 1.3 0-RTT mention the following threat which an attacker might realize:
Network attackers who take advantage of client retry behavior to
arrange for the server to receive multiple copies… Continue reading Understanding a TLS 1.3 0-RTT replay attack
I realize how a buffer overflow works but I have a problem understanding the direction in which the overflow is directed. So if the stack grows downwards, that means that the return address is above the variable’s reserved sp… Continue reading If the stack grows downwards, how can a buffer overflow overwrite content above the variable?
In our IT Security class we have been told that you need CA’s to prevent attacks on a digital signature. Sadly, our docent didn’t elaborate how such attack would be performed – I can only guess that someone would try to do a MitM:
Alice … Continue reading How does an attack on a digital signature work?