Pawel Gielmuda
Pawel Gielmuda is a seasoned software and hardware engineer with 12 years of experience in the field. He was involved in the development of an IP Encryptor from the ground up, using an FPGA chip for five years. This project has given him a comprehensive understanding of software and hardware development for cryptographic devices. In addition to this, he has also worked on software testing for the largest cruise aircraft, ensuring compliance with the DO-178 standard. Currently, Pawel is employed at Mobica, where he is responsible for testing server cryptographic accelerators. In his free time, he maintains a blog at https://pgielmuda.medium.com/.
How to Keep Your Secret (Key)?
Status: Available NowDuring the presentation I will start by exploring low-level attacks to obtain secret keys:
- Examining the Meltdown and Spectre attacks, which exploit hardware architectural features,
- Understanding Side Channel Attacks on AES based on chip power consumption,
- Analyzing example of poor key management and quality in WEP WiFi networks.
After that, I will explain how to secure cryptography keys by:
- proper generation (entropy and random number generator)
- safe exchange (Diffie-Helman and Quantum key approach)
- proper distribution (centralized vs distributed -> PKI vs blockchain approach)
- secure storage (in embedded devices, servers, hardware wallets)
Finally, I will provide an example of an IoT device to illustrate how the above features are demonstrated in real-world application.