Home > On-Demand Archives > Theatre Talks >

How to Keep Your Secret (Key)?

Pawel Gielmuda - Watch Now - EOC 2023 - Duration: 34:34

How to Keep Your Secret (Key)?
Pawel Gielmuda

During the presentation I will start by exploring low-level attacks to obtain secret keys:

  •  Examining the Meltdown and Spectre attacks, which exploit hardware architectural features,
  •  Understanding Side Channel Attacks on AES based on chip power consumption,
  •  Analyzing example of poor key management and quality in WEP WiFi networks.

After that, I will explain how to secure cryptography keys by:

  • proper generation (entropy and random number generator)
  • safe exchange (Diffie-Helman and Quantum key approach)
  • proper distribution (centralized vs distributed -> PKI vs blockchain approach)
  • secure storage (in embedded devices, servers, hardware wallets)

Finally, I will provide an example of an IoT device to illustrate how the above features are demonstrated in real-world application.

italicssurround text with
boldsurround text with
**two asterisks**
or just a bare URL
surround text with
strikethroughsurround text with
~~two tilde characters~~
prefix with

Score: 0 | 11 months ago | no reply

I really enjoyed your presentation and found it informative. Thank you!

Score: 0 | 1 year ago | no reply

Thanks Pawel for the presentation. In terms of actual hardware solution, what exactly is important to look fore when storage keys in an embedded system (microcontroller-based) ? Between the dual core 'pseudo hardware isolation' of things like the STM32WL, the ARM definition for Trustzone-M and the external secure element components, it's hard to figure out what is what and in which case each solution makes more sense.