On 2/22/2014 6:25 PM, Tom Metro wrote:
I think the speaker before Jim Gettys was Jeff Schiller on "Security in IoT cannot be an afterthought!" He shared a security tip he learned from Bitcoin: Instead of embedding your public key in your firmware, to validate updates, which apparently makes your PKI more vulnerable to attack, you embed a hash of the key, and supply the public key with the update. And change your key for each update, which means you supply a new hash with the update for the key that will be used for next update.
Doesn't that mean that you have to install every update in sequence? _______________________________________________ Hardwarehacking mailing list [email protected] http://lists.blu.org/mailman/listinfo/hardwarehacking
