Wouter Bokslag
Wouter Bokslag is a co-founding partner and security researcher at Midnight Blue. He is known for the reverse-engineering and cryptanalysis of several proprietary in-vehicle immobilizer authentication ciphers used by major automotive manufacturers as well as co-developing the world's fastest public attack against the Hitag2 cipher. He holds a Master's Degree in Computer Science & Engineering from Eindhoven University of Technology (TU/e) and designed and assisted in teaching hands-on offensive security classes for graduate students at the Dutch Kerckhoffs Institute for several years.
He co-authored the TETRA:BURST research and currently provides security consultancy services for clients ranging from government agencies and critical infrastructure to IT and OT companies across industry verticals.
Session
This talk will present details of the TETRA:BURST vulnerabilities - the result of the first public in-depth security analysis of TETRA (Terrestrial Trunked Radio). This European standard for trunked radio is used globally by government agencies, police, military, and critical infrastructure, for applications ranging from voice communications to SCADA telecontrol of energy distribution, oil rigs and train safety systems.
Authentication and encryption within TETRA are handled by proprietary cryptographic cipher-suites, which had previously remained secret for over two decades through the use of restrictive NDAs. Last year, we presented the result of a two-year research project, and disclosed both open-source implementations of the secret primitives as well as a first public security assessment of the technology. Several critical vulnerabilities were identified, including a deliberate backdoor.