xenol's blog

Chance favors the prepared mind

Dec 30, 2012 - 2 minute read - 29C3 CCC

29c3: Day Three

Third day of the Congress was filled with some number of interesting talks I visited. I started with a talk, in which I was interested the most - An Overview of Secure Name Resolution - DNSSEC, DNSCurve and Namecoin. Speaker gave great introduction into DNSSEC and also talked about its deployment rate. He also spoke DNSSEC’s use in amplification attacks and suitable countermeasures. DNSCurve and Namecoin was discussed as well. From this talk, it is clear that DNSSEC is the way forward. Video will be available shortly.

Security Evaluation of Russian GOST Cipher gave nice overview of Russian GOST cipher and it’s history. In theory, GOST should be secure for 200 more years. I am a bit sceptic as in the last two years there were found around 20+ possible attacks on GOST. Speaker talked about them and described the steps how to attack. Video will be available shortly.

Another great talk by Daniel J. Bernstein was titled Hash-flooding DoS reloaded: attacks and defenses. Dan explained hash tables and described anatomy of the hash flooding attacks in detail. Martin Boßlet demonstrated vulnerability on languages using MurmurHash as a hashing function. He used Ruby and Java for demonstrating purposes. Martin spoke about better alternatives - CityHash by Google. However, he demonstrated that it is worse than MurmurHash family of hash functions. SipHash was introduced as a simple, yet secure alternative. Video will be available shortly.