Thursday, February 19, 2009

Trust establishment in ISR

Arvind Suresh writes:

Following the discussions in class yesterday, I thought this would be an appropriate optional reading for those interested in knowing about trust establishment mechanisms in ISR.

Rapid Trust Establishment for Pervasive Personal Computing
Ajay Surie, Adrian Perrig, Mahadev Satyanarayanan and David J. Farber

Wednesday, February 18, 2009 - Linux power consumption

Jason Franklin points out, a very nice repository of power-tuning tricks and tools for Linux.

Wednesday, February 11, 2009

Obligatory RFID security post: Cloning passports

Another person managed to read passport RFID data remotely.

While the topic of the course isn't security, the weakness of many RFID systems is a direct consequence of extremely-low-power operation: to avoid the need to have expensive and power-hungry computational capabilities on the RFID chips, many designs use a passive RFID that only sends a single value, instead of being able to participate in a cryptographic protocol. The results are predictable when they're used in scenarios where reading the chips is possible. Even some active RFID systems take shortcuts that leave them vulnerable to brute-force attacks (such as using 40-bit keys to reduce computation time and power).