Talk

Unlocking Cryptography: Fundamentals and Applications in Embedded Systems

Frida Gail Rojas Contreras

Watch Now

36:49

EOC 2025

Login to Watch

Frida Gail Rojas Contreras

Frida (a.k.a. Gail) was an embedded engineering supervisor for end-to-end product development teams in buildings automation industry. Recently, she has been focusing on being a full-time embedded systems developer in IoT networking industry. She loves learning about new technologies and particularly enjoys working with solutions that involve firmware and math. Frida holds a Bachelor's degree in Mechatronics Engineering from Insitiuto Tecnológico Autónomo de México (ITAM) and a Master's degree in Electrical Engineering for Control Theory field from Universidad Nacional Autónoma de México (UNAM).

View full profile

Topics Covered

Security

Talk

Unlocking Cryptography: Fundamentals and Applications in Embedded Systems

Frida Gail Rojas Contreras

36:49 EOC 2025

Frida Gail Rojas Contreras

36:49

The goal of this talk is to provide an overview of cryptography, including security fundamentals, types of cryptography, cryptography algorithms, and some of its applications in embedded systems.

1 / 4

Please log in or create an account to test your knowledge and see the answers.

What approach does the speaker recommend to prevent padding oracle attacks against block-cipher implementations?

A Authenticate the message before decryption (verify origin)

B Use ECB mode so no padding is needed

C Increase the block size to 256 bits to avoid padding issues

D Return detailed error messages to help debugging so developers can fix padding

E Design a custom, nonstandard padding scheme to hide padding details

According to the talk, what is the primary practical advantage of asymmetric (public-key) encryption compared with symmetric encryption?

A It eliminates the need for a secure key exchange

B It is always faster and less computationally expensive than symmetric encryption

C It uses a single shared secret key for both encryption and decryption

D It requires no verification or signatures to authenticate senders

E It makes encryption unnecessary because the public key is public

Why does the speaker stress using sufficiently large hash sizes (for example, modern SHA variants)?

A Larger hash sizes reduce the risk of brute-force and collision attacks

B Larger hash sizes allow recovery of the original message from the hash

C Hash size only affects storage cost and does not change security

D Smaller hashes are more secure because they compute faster

E If a hash has a large output, encryption becomes unnecessary

What practical benefit of elliptic curve cryptography (ECC) over RSA does the speaker highlight for embedded systems?

A ECC can provide the same security as RSA with much shorter key lengths, improving computation and storage efficiency

B ECC keys are always longer than RSA keys, giving stronger security

C ECC removes the need for private keys and uses only public keys

D RSA is preferable for constrained devices because it uses smaller keys

E ECC cannot be used for digital signatures, only encryption

Formatting help

italics	surround text with asterisks
bold	surround text with two asterisks
hyperlink	[hyperlink](https://example.com) or just a bare URL
inline code	surround text with single `backticks`
code block (multi-line)	wrap on its own lines with three backticks: ``` your code here ```
~~strikethrough~~	surround text with ~~two tilde characters~~
quote	prefix with >

Upvotes Newest Oldest

datamstr

Score: 0 | 1 year ago | no reply

Excellent presentation!

Nikos-veevue

Score: 0 | 1 year ago | no reply

Nice presentation, thank you! I have a question: you mentioned in your key takeaway that one should always consult security authorities documentation to know which techniques are approved to be used. Can you elaborate more on this? How can we keep updated on this topic, for example how to get the information that an algorithm is no longer regarded as secure.

lhhl

Score: 0 | 1 year ago | no reply

Is quantum-safe cryptography being applied to embedded systems currently or in the near future? EDIT: Right after I typed this comment the slide changed to one about post-quantum cryptography!

Partners & Sponsors

CodeSecure

atym

embedd.it

IAR

Become a Sponsor