Category Archives: Articles

image_pdfimage_print

The American Intelligence: How It Works

The American Intelligence How It Works : Section 702
Learn more about the American Intelligence written by Jacques Gascuel, inventor of sensitive data safety and security systems, for Freemindtronic. This article may be updated on this subject.

The American intelligence: a paradox

The American intelligence is powerful and influential, but also faces limits and challenges. Discover how it works, what are its consequences, and how to protect yourself from it.

2023 Articles Cardokey Eco-friendly EviSwap NFC NDEF Technology GreenTech

NFC Business Cards with Cardokey free for life: How to Connect without Revealing

2023 Articles Cyberculture EviCore HSM OpenPGP Technology EviCore NFC HSM Browser Extension EviCore NFC HSM Technology Legal information Licences Freemindtronic

Unitary patent system: why some EU countries are not on board

Andorran law

Llei 26/2014 del 30 d’octubre de patents

Articles Crypto Currency Cryptocurrency Digital Security EviPass Technology NFC HSM technology Phishing

Ledger Security Breaches from 2017 to 2023: How to Protect Yourself from Hackers

The American Intelligence: How It Works, Its Limits and Consequences

The American intelligence is one of the most powerful and influential in the world. It has a vast network of agencies, resources, and allies that enable it to collect, analyze, and act on information of strategic interest. However, the American intelligence also faces challenges and criticisms, both internally and externally. In this article, we will explore how the American intelligence works, what are its limits, and what are the consequences of its actions for the global security and privacy.

How the American Intelligence Works

The American intelligence is composed of 18 agencies that form the Intelligence Community (IC). These agencies are divided into two categories: the civilian agencies, which are under the supervision of the Director of National Intelligence (DNI), and the military agencies, which are under the supervision of the Secretary of Defense.

The main civilian agencies are:

  • The Central Intelligence Agency (CIA), which is responsible for collecting, analyzing, and disseminating foreign intelligence, as well as conducting covert operations and paramilitary activities.
  • The National Security Agency (NSA), which is responsible for collecting, processing, and disseminating signals intelligence (SIGINT), as well as conducting cyber operations and protecting the US government’s communications and information systems.
  • The Federal Bureau of Investigation (FBI), which is responsible for collecting, analyzing, and disseminating domestic intelligence, as well as conducting counterintelligence, counterterrorism, and law enforcement activities.
  • The National Geospatial-Intelligence Agency (NGA), which is responsible for collecting, analyzing, and disseminating geospatial intelligence (GEOINT), which includes imagery, maps, and other geographic information.
  • The National Reconnaissance Office (NRO), which is responsible for designing, launching, and operating reconnaissance satellites and other space-based systems that provide intelligence to the IC and the Department of Defense (DoD).
  • The Office of the Director of National Intelligence (ODNI), which is responsible for overseeing, coordinating, and integrating the activities of the IC, as well as providing strategic guidance and support to the DNI.

The main military agencies are:

  • The Defense Intelligence Agency (DIA), which is responsible for providing military intelligence to the DoD and the IC, as well as conducting human intelligence (HUMINT), counterintelligence, and defense attaché activities.
  • The National Security Agency/Central Security Service (NSA/CSS), which is responsible for providing SIGINT and cyber support to the DoD and the IC, as well as conducting information assurance and cryptologic activities.
  • The National Geospatial-Intelligence Agency (NGA), which is responsible for providing GEOINT support to the DoD and the IC, as well as conducting geospatial analysis and mapping activities.
  • The National Reconnaissance Office (NRO), which is responsible for providing space-based intelligence support to the DoD and the IC, as well as conducting satellite reconnaissance and surveillance activities.
  • The Military Intelligence Corps (MI), which is responsible for providing tactical and operational intelligence to the Army and the joint force, as well as conducting HUMINT, SIGINT, GEOINT, and counterintelligence activities.
  • The Office of Naval Intelligence (ONI), which is responsible for providing maritime intelligence to the Navy and the joint force, as well as conducting HUMINT, SIGINT, GEOINT, and counterintelligence activities.
  • The Marine Corps Intelligence Activity (MCIA), which is responsible for providing intelligence to the Marine Corps and the joint force, as well as conducting HUMINT, SIGINT, GEOINT, and counterintelligence activities.
  • The Air Force Intelligence, Surveillance, and Reconnaissance Agency (AFISRA), which is responsible for providing intelligence to the Air Force and the joint force, as well as conducting HUMINT, SIGINT, GEOINT, and counterintelligence activities.

The American intelligence works by collecting information from various sources, such as human sources, signals, images, open sources, and others. It then analyzes this information to produce intelligence products, such as reports, assessments, briefings, and forecasts. These products are then disseminated to the relevant consumers, such as the President, the Congress, the military, the policy makers, and the allies. The American intelligence also acts on the information it collects, by conducting operations, such as covert actions, cyber attacks, drone strikes, and special operations.

The Limits of the American Intelligence

The American intelligence, despite its capabilities and resources, is not omnipotent or infallible. It faces several limits and challenges, such as:

  • Legal and ethical limits: The American intelligence is bound by the laws and regulations of the US and the international community, as well as by the values and principles of the American democracy. It must respect the rights and liberties of the American citizens and the foreign nationals, as well as the sovereignty and interests of the other countries. It must also abide by the oversight and accountability mechanisms of the executive, the legislative, and the judicial branches, as well as the public opinion and the media. The American intelligence must balance its need for secrecy and effectiveness with its duty for transparency and legitimacy.
  • Technical and operational limits: The American intelligence is limited by the availability and reliability of the information it collects, as well as by the accuracy and timeliness of the analysis it produces. It must deal with the challenges of information overload, data quality, data security, data privacy, and data sharing. It must also cope with the threats and risks of cyber attacks, counterintelligence, deception, and denial. The American intelligence must balance its need for innovation and adaptation with its need for standardization and coordination.
  • Strategic and political limits: The American intelligence is limited by the complexity and uncertainty of the global environment, as well as by the diversity and dynamism of the actors and issues it faces. It must deal with the challenges of globalization, multipolarity, regionalization, and fragmentation. It must also cope with the threats and opportunities of terrorism, proliferation, rogue states, failed states, and emerging powers. The American intelligence must balance its need for anticipation and prevention with its need for reaction and intervention.

The Consequences of the American Intelligence

The American intelligence has significant consequences for the global security and privacy, both positive and negative, such as:

  • Positive consequences: The American intelligence contributes to the protection and promotion of the national security and interests of the US and its allies, as well as to the maintenance and enhancement of the international peace and stability. It provides valuable information and insights to the decision makers and the operators, as well as to the public and the media. It also conducts effective operations and actions to deter, disrupt, or defeat the adversaries and the threats. The American intelligence plays a key role in the global intelligence cooperation and coordination, as well as in the global governance and leadership.
  • Negative consequences: The American intelligence also poses risks and challenges to the security and privacy of the US and its allies, as well as to the international order and norms. It may collect, analyze, or disseminate information that is inaccurate, incomplete, or biased, leading to errors, failures, or controversies. It may also conduct operations or actions that are illegal, unethical, or counterproductive, leading to violations, scandals, or backlashes. The American intelligence may face competition or conflict with the other intelligence services or actors, as well as with the other stakeholders or interests.

Section 702 of FISA: A Surveillance Without Control

  • On July 17, 2008, the US Congress passed section 702 of the FISA (Foreign Intelligence Surveillance Act), which authorizes the US intelligence agencies to collect the electronic communications of non-Americans located abroad, without a warrant from the FISA judge.
  • On January 19, 2018, the US Congress extended section 702 of FISA until December 31, 2023, without making any substantial changes.
  • On March 22, 2023, the US Congress extended section 702 of FISA again until April 19, 2024, without making any significant changes.
  • On December 16, 2023, the US Congress approved the National Defense Authorization Act (NDAA), which included a four-month extension of section 702 of FISA, avoiding its expiration at the end of the year.

The Violation of the Right to Privacy

  • On June 5, 2013, the whistleblower Edward Snowden revealed the existence of the PRISM program, which allowed the US intelligence agencies to access the data of the users of the main electronic service providers, such as Google, Facebook, Microsoft or Apple.
  • On October 6, 2015, the Court of Justice of the European Union (CJEU) invalidated the Safe Harbor, an agreement that allowed the transfer of personal data between the European Union and the United States, considering that it did not offer an adequate level of protection.
  • On July 16, 2020, the CJEU invalidated the Privacy Shield, the successor of the Safe Harbor, for the same reasons, considering that the risk of interference by the US intelligence services in the transferred data was incompatible with the respect of the fundamental rights of the persons concerned.
  • On July 31, 2023, the CJEU issued a ruling that confirmed the invalidity of the Privacy Shield and imposed strict conditions for the transfer of personal data to third countries, especially the United States, under the standard contractual clauses (SCCs) or the binding corporate rules (BCRs).

The Legal and Political Consequences

  • On October 24, 2013, the European Parliament adopted a resolution that condemned the massive surveillance activities of the US intelligence services and called for the suspension of the cooperation agreements on security and counter-terrorism.
  • On October 23, 2015, the European Parliament adopted another resolution that requested the creation of an independent international tribunal to examine the complaints of the European citizens regarding the surveillance of the US intelligence services.
  • On September 14, 2018, the European Parliament adopted a third resolution that called for the suspension of the Privacy Shield, due to the non-compliance of the commitments made by the United States on the protection of personal data.
  • On August 31, 2023, the European Parliament adopted a fourth resolution that asked the European Commission to propose a new legislation on the protection of personal data in the context of cross-border data flows, which would guarantee a level of protection equivalent to that of the general data protection regulation (GDPR).

Sources:

Congress passes temporary extension of FISA Section 702 surveillance program – Axios:

The Court of Justice invalidates Decision 2016/1250 on the adequacy of the protection provided by the EU-US Data Protection Shield:

FISA Section 702: What it is and why Congress is debating it – NBC News

New technologies and products that limit the possibilities of intelligence

Facing the capabilities of collection and analysis of the American intelligence, which threaten the privacy and sovereignty of individuals and countries, there are new technologies and products that allow to limit the possibilities of intelligence. These technologies and products use techniques of encryption, cryptography, blockchain or NFC to protect personal data and electronic communications. They offer an alternative to traditional solutions, which are often vulnerable to attacks or interceptions by the American intelligence. Among these technologies and products, we can mention:

  • EviCypher NFC HSM and EviCypher HSM OpenPGP, which are patented technologies in the United States in the field of cybersecurity developed by Freemindtronic SL Andorra, used in counter-espionage products such as DataShielder Defense. They allow to encrypt and decrypt data without contact, thanks to hardware security modules that use NFC technology. They offer compatibility with OpenPGP standards, operating without server, without database, with a very high level of flexibility from different removable, fixed and online and offline storage media including NFC HSM.
  • DataShielder DefenseDataShielder Defense, which is a counter-espionage product developed by Freemindtronic SL Andorra, which uses EviCore NFC HSM and EviCore HSM OpenPGP technologies to encrypt and decrypt all types of data and communication services. This product protects sovereign communications, by preventing the American intelligence from accessing personal, professional or state secrets. It also guarantees the sovereignty of users, by making their data anonymous and inviolable.
  • Signal, which is an instant messaging application that uses the Signal protocol, which is an end-to-end encryption protocol that ensures the confidentiality and integrity of messages. This application allows to communicate anonymously and securely, by avoiding the surveillance or censorship of the American intelligence.
  • Tor, which is a decentralized network that uses volunteer relays to route Internet traffic anonymously and encrypted. This network allows to browse the web without leaving traces, by hiding the IP address and location of users. It also allows to access hidden websites, which are not indexed by search engines.

These technologies and products represent examples of innovative solutions that limit the possibilities of the American intelligence and preserve the individual and collective sovereignty. They also illustrate the issues and challenges related to the use of digital technologies in the field of intelligence.

Conclusion

The American intelligence is a complex and dynamic phenomenon that has a significant impact on the world. It has many strengths and weaknesses, as well as many opportunities and threats. It has many achievements and failures, as well as many benefits and costs. It is a source of both security and insecurity, both privacy and surveillance. It is a subject of both admiration and criticism, both cooperation and confrontation. The American intelligence is a paradox that requires a careful and balanced approach.

Ledger Security Breaches from 2017 to 2023: How to Protect Yourself from Hackers

Ledger Security Breaches from 2017 to 2023: How to Protect Yourself from Hackers
Ledger security breaches written by Jacques Gascuel, inventor specializing in safety and security of sensitive data, for Freemindtronic. This article will be updated with any new information on the topic.

Ledger security incidents: How Hackers Exploited Them and How to Stay Safe

Ledger security breaches have exposed the personal data and private keys of many users. Ledger is a French company that provides secure devices to store and manage your funds. But since 2017, hackers have targeted Ledger’s e-commerce and marketing database, as well as its software and hardware products. In this article, you will discover the different breaches, how hackers exploited them, what their consequences were, and how you can protect yourself from these threats.

2024 Digital Security

PrintListener: How to Betray Fingerprints

2024 Articles Digital Security News

BitLocker Security: Safeguarding Against Cyberattacks

2024 Digital Security Spying

Ivanti Zero-Day Flaws: Comprehensive Guide to Secure Your Systems Now

2024 Articles Digital Security News Spying

How to protect yourself from stalkerware on any phone

2024 Articles Digital Security EviPass Password

Human Limitations in Strong Passwords Creation

2024 Articles Digital Security EviKey NFC HSM EviPass News SSH

Terrapin attack: How to Protect Yourself from this New Threat to SSH Security

2024 Articles Digital Security News Phishing

Google OAuth2 security flaw: How to Protect Yourself from Hackers

Ledger Security Breaches from 2017 to 2023: How to Protect Your Cryptocurrencies from Hackers

Have you ever wondered how safe your cryptocurrencies are? If you are using a Ledger device, you might think that you are protected from hackers and thieves. Ledger is a French company that specializes in cryptocurrency security. It offers devices that allow you to store and manage your funds securely. These devices are called hardware wallets, and they are designed to protect your private keys from hackers and thieves.

However, since 2017, Ledger has been victim of several security breaches, which have exposed the personal data and private keys of its users. These breaches could allow hackers to steal your cryptocurrencies or harm you in other ways. In this article, we will show you the different breaches that were discovered, how they were exploited, what their consequences were, and how you can protect yourself from these threats.

Ledger Security Issues: The Seed Phrase Recovery Attack (February 2018)

The seed phrase is a series of words that allows you to restore access to a cryptocurrency wallet. It must be kept secret and secure, as it gives full control over the funds. In February 2018, a security researcher named Saleem Rashid discovered a breach in the Ledger Nano S, which allowed an attacker with physical access to the device to recover the seed phrase using a side-channel attack.

How did hackers exploit the breach?

The attack consisted of using an oscilloscope to measure the voltage variations on the reset pin of the device. These variations reflected the operations performed by the secure processor of the Ledger Nano S, which generated the seed phrase. By analyzing these variations, the attacker could reconstruct the seed phrase and access the user’s funds.

Simplified diagram of the attack

Figure Ledger Security Issues: The Seed Phrase Recovery Attack (February 2018)
Statistics on the breach
  • Number of potentially affected users: about 1 million
  • Total amount of potentially stolen funds: unknown
  • Date of discovery of the breach by Ledger: February 20, 2018
  • Author of the discovery of the breach: Saleem Rashid, a security researcher
  • Date of publication of the fix by Ledger: April 3, 2018

Scenarios of hacker attacks

  • Scenario of physical access: The attacker needs to have physical access to the device, either by stealing it, buying it second-hand, or intercepting it during delivery. The attacker then needs to connect the device to an oscilloscope and measure the voltage variations on the reset pin. The attacker can then use a software tool to reconstruct the seed phrase from the measurements.
  • Scenario of remote access: The attacker needs to trick the user into installing a malicious software on their computer, which can communicate with the device and trigger the reset pin. The attacker then needs to capture the voltage variations remotely, either by using a wireless device or by compromising the oscilloscope. The attacker can then use a software tool to reconstruct the seed phrase from the measurements.

Sources

1Breaking the Ledger Security Model – Saleem Rashid published on March 20, 2018.

2Ledger Nano S: A Secure Hardware Wallet for Cryptocurrencies? – Saleem Rashid published on November 20, 2018.

Ledger Security Flaws: The Firmware Replacement Attack (March 2018)

The firmware is the software that controls the operation of the device. It must be digitally signed by Ledger to ensure its integrity. In March 2018, the same researcher discovered another breach in the Ledger Nano S, which allowed an attacker to replace the firmware of the device with a malicious firmware, capable of stealing the private keys or falsifying the transactions.

How did hackers exploit the Ledger Security Breaches?

The attack consisted of exploiting a vulnerability in the mechanism of verification of the firmware signature. The attacker could create a malicious firmware that passed the signature check, and that installed on the device. This malicious firmware could then send the user’s private keys to the attacker, or modify the transactions displayed on the device screen.

Simplified diagram of the attack

Figure Ledger Security Flaws: The Firmware Replacement Attack (March 2018)

Statistics on the breach

  • Number of potentially affected users: about 1 million
  • Total amount of potentially stolen funds: unknown
  • Date of discovery of the breach by Ledger: March 20, 2018
  • Author of the discovery of the breach: Saleem Rashid, a security researcher
  • Date of publication of the fix by Ledger: April 3, 2018

Scenarios of hacker attacks

  • Scenario of physical access: The attacker needs to have physical access to the device, either by stealing it, buying it second-hand, or intercepting it during delivery. The attacker then needs to connect the device to a computer and install the malicious firmware on it. The attacker can then use the device to access the user’s funds or falsify their transactions.
  • Scenario of remote access: The attacker needs to trick the user into installing the malicious firmware on their device, either by sending a fake notification, a phishing email, or a malicious link. The attacker then needs to communicate with the device and send the user’s private keys or modify their transactions.

Sources

: [Breaking the Ledger Security Model – Saleem Rashid] published on March 20, 2018.

: [Ledger Nano S Firmware 1.4.1: What’s New? – Ledger Blog] published on March 6, 2018.

Ledger Security Incidents: The Printed Circuit Board Modification Attack (November 2018)

The printed circuit board is the hardware part of the device, which contains the electronic components. It must be protected against malicious modifications, which could compromise the security of the device. In November 2018, a security researcher named Dmitry Nedospasov discovered a breach in the Ledger Nano S, which allowed an attacker with physical access to the device to modify the printed circuit board and install a listening device, capable of capturing the private keys or modifying the transactions.

How did hackers exploit the breach?

The attack consisted of removing the case of the device, and soldering a microcontroller on the printed circuit board. This microcontroller could intercept the communications between the secure processor and the non-secure processor of the Ledger Nano S, and transmit them to the attacker via a wireless connection. The attacker could then access the user’s private keys, or modify the transactions displayed on the device screen.

Simplified diagram of the attack

figure Ledger Security Incidents: The Printed Circuit Board Modification Attack (November 2018)

Statistics on the breach

  • Number of potentially affected users: unknown
  • Total amount of potentially stolen funds: unknown
  • Date of discovery of the breach by Ledger: November 7, 2019
  • Author of the discovery of the breach: Dmitry Nedospasov, a security researcher
  • Date of publication of the fix by Ledger: December 17, 2020

Scenarios of hacker attacks

  • Scenario of physical access: The attacker needs to have physical access to the device, either by stealing it, buying it second-hand, or intercepting it during delivery. The attacker then needs to remove the case of the device and solder the microcontroller on the printed circuit board. The attacker can then use the wireless connection to access the user’s funds or modify their transactions.
  • Scenario of remote access: The attacker needs to compromise the wireless connection between the device and the microcontroller, either by using a jammer, a repeater, or a hacker device. The attacker can then intercept the communications between the secure processor and the non-secure processor, and access the user’s funds or modify their transactions.

Sources

  • [Breaking the Ledger Nano X – Dmitry Nedospasov] published on November 7, 2019.
  • [How to Verify the Authenticity of Your Ledger Device – Ledger Blog] published on December 17, 2020.

Ledger Security Breaches: The Connect Kit Attack (December 2023)

The Connect Kit is a software that allows users to manage their cryptocurrencies from their computer or smartphone, by connecting to their Ledger device. It allows to check the balance, send and receive cryptocurrencies, and access services such as staking or swap.

The Connect Kit breach was discovered by the security teams of Ledger in December 2023. It was due to a vulnerability in a third-party component used by the Connect Kit. This component, called Electron, is a framework that allows to create desktop applications with web technologies. The version used by the Connect Kit was not up to date, and had a breach that allowed hackers to execute arbitrary code on the update server of the Connect Kit.

How did hackers exploit the Ledger Security Breaches?

The hackers took advantage of this breach to inject malicious code into the update server of the Connect Kit. This malicious code was intended to be downloaded and executed by the users who updated their Connect Kit software. The malicious code aimed to steal the sensitive information of the users, such as their private keys, passwords, email addresses, or phone numbers.

Simplified diagram of the attack

Figure Ledger Security Breaches The Connect Kit Attack (December 2023)

Statistics on the breach

  • Number of potentially affected users: about 10,000
  • Total amount of potentially stolen funds: unknown
  • Date of discovery of the breach by Ledger: December 14, 2023
  • Author of the discovery of the breach: Pierre Noizat, director of security at Ledger
  • Date of publication of the fix by Ledger: December 15, 2023

Scenarios of hacker attacks

  • Scenario of remote access: The hacker needs to trick the user into updating their Connect Kit software, either by sending a fake notification, a phishing email, or a malicious link. The hacker then needs to download and execute the malicious code on the user’s device, either by exploiting a vulnerability or by asking the user’s permission. The hacker can then access the user’s information or funds.
  • Scenario of keyboard: The hacker needs to install a keylogger on the user’s device, either by using the malicious code or by another means. The keylogger can record the keystrokes of the user, and send them to the hacker. The hacker can then use the user’s passwords, PIN codes, or seed phrases to access their funds.
  • Scenario of screen: The hacker needs to install a screen recorder on the user’s device, either by using the malicious code or by another means. The screen recorder can capture the screen of the user, and send it to the hacker. The hacker can then use the user’s QR codes, addresses, or transaction confirmations to steal or modify their funds.

Sources

Ledger Security Breaches: The Data Leak (December 2020)

The database is the system that stores the information of Ledger customers, such as their names, addresses, phone numbers and email addresses. It must be protected against unauthorized access, which could compromise the privacy of customers. In December 2020, Ledger revealed that a breach in its database had exposed the personal data of 292,000 customers, including 9,500 in France.

How did hackers exploit the breach?

The breach had been exploited by a hacker in June 2020, who had managed to access the database via a poorly configured API key. The hacker had then published the stolen data on an online forum, making them accessible to everyone. Ledger customers were then victims of phishing attempts, harassment, or threats from other hackers, who sought to obtain their private keys or funds.

Simplified diagram of the attack :

Statistics on the breach

  • Number of affected users: 292,000, including 9,500 in France
  • Total amount of potentially stolen funds: unknown
  • Date of discovery of the breach by Ledger: June 25, 2020
  • Author of the discovery of the breach: Ledger, after being notified by a researcher
  • Date of publication of the fix by Ledger: July 14, 2020

Scenarios of hacker attacks

  • Scenario of phishing: The hacker sends an email or a text message to the user, pretending to be Ledger or another trusted entity. The hacker asks the user to click on a link, enter their credentials, or update their device. The hacker then steals the user’s information or funds.
  • Scenario of harassment: The hacker calls or visits the user, using their personal data to intimidate them. The hacker threatens the user to reveal their identity, harm them, or steal their funds, unless they pay a ransom or give their private keys.
  • Scenario of threats: The hacker uses the user’s personal data to find their social media accounts, family members, or friends. The hacker then sends messages or posts to the user or their contacts, threatening to harm them or expose their cryptocurrency activities, unless they comply with their demands.

Sources:
– [Ledger Data Breach: A Cybersecurity Update – Ledger Blog] published on January 29, 2021.

Comparison with other crypto wallets

Ledger is not the only solution to secure your cryptocurrencies. There are other options, such as other hardware wallets, software wallets, or exchanges. Each option has its advantages and disadvantages, depending on your needs and preferences. For example, other hardware wallets, such as Trezor or Keepser, offer similar features and security levels as Ledger, but they may have different designs, interfaces, or prices. Software wallets, such as Exodus or Electrum, are more convenient and accessible, but they are less secure and more vulnerable to malware or hacking. Exchanges, such as Coinbase or Binance, are more user-friendly and offer more services, such as trading or staking, but they are more centralized and risky, as they can be hacked, shut down, or regulated. Another option is to use a cold wallet, such as SeedNFC HSM, which is a patented HSM that uses NFC technology to store and manage your cryptocurrencies offline, without any connection to the internet or a computer. It also allows you to create up to 100 cryptocurrency wallets and check the balances from this NFC HSM.

Technological, Regulatory, and Societal Projections

The future of cryptocurrency security is uncertain and challenging. Many factors can affect Ledger and its users, such as technological, regulatory, or societal changes.

Technological changes

It changes could bring new threats, such as quantum computing, which could break the encryption of Ledger devices, or new solutions, such as biometric authentication or segmented key authentication patented by Freemindtronic, which could improve the security of Ledger devices.

Regulatory changes

New rules or restrictions could affect Cold Wallet and Hardware Wallet manufacturers and users, such as Ledger. For example, KYC (Know Your Customer) or AML (Anti-Money Laundering) requirements could compromise the privacy and anonymity of Ledger users. They could also ban or limit the use of cryptocurrencies, which could reduce the demand and value of Ledger devices. On the other hand, other manufacturers who have anticipated these new legal constraints could have an advantage over Ledger. Here are some examples of regulatory changes that could affect Ledger and other crypto wallets:

  • MiCA, the proposed EU regulation on crypto-asset markets, aims to create a harmonized framework for crypto-assets and crypto-asset service providers in the EU. It also seeks to address the risks and challenges posed by crypto-assets, such as consumer protection, market integrity, financial stability and money laundering.
  • U.S. interagency report on stablecoins recommends that Congress consider new legislation to ensure that stablecoins and stablecoin arrangements are subject to a federal prudential framework. It also proposes additional features, such as limiting issuers to insured depository institutions, subjecting entities conducting stablecoin activities (e.g., digital wallets) to federal oversight, and limiting affiliations between issuers and commercial entities.
  • Revised guidance from the Financial Action Task Force (FATF) on virtual assets and virtual asset service providers (VASPs) clarifies the application of FATF standards to virtual assets and VASPs. It also introduces new obligations and recommendations for PSAVs, such as the implementation of the travel rule, licensing and registration of PSAVs, and supervision and enforcement of PSAVs.

These regulatory changes could have significant implications for Ledger and other crypto wallets. They could require them to comply with new rules and standards, to obtain new licenses or registrations, to implement new systems and processes, and to face new supervisory and enforcement actions.

Societal changes

Societal changes could influence the perception and adoption of Ledger and cryptocurrencies, such as increased awareness and education, which could increase the trust and popularity of Ledger devices, or increased competition and innovation, which could challenge the position and performance of Ledger devices. For example, the EviSeed NFC HSM technology allows the creation of up to 100 cryptocurrency wallets on 5 different blockchains chosen freely by the user.

Technological alternatives

Technological alternatives are already available, such as EviCore NFC HSM, EviCore HSM OpenPGP, EviCore NFC HSM Browser Extension and the NFC HSM devices that work without contact, developed and manufactured by Freemindtronic in Andorra. These are new cyber security and safety technologies that use HSMs with or without NFC. They offer a wide range of security features to manage your cryptocurrencies and other digital assets. These technologies also offer the hardware management of complex and complicated passwords by EviPass NFC HSM, OTP (2FA) keys by EviOTP NFC HSM, Seed Phrases by EviSeed NFC HSM, and the creation of multiple cryptocurrency wallets on the same device.

Conclusion

Ledger, the French leader in cryptocurrency security, has faced several security breaches since 2017. As a result of these breaches, hackers could steal the private keys and funds of Ledger users. In response to these threats, Ledger reacted by publishing security updates, informing its users, and strengthening its protection measures. However, Ledger users must be vigilant and follow the recommendations of Ledger to protect themselves from these attacks. Despite these challenges, Ledger remains a reliable and secure device to manage cryptocurrencies, as long as the best practices of digital hygiene are respected. If you want to learn more about Ledger and its products, you can visit their official website or read their blog. Additionally, you can also check their security reports and their help center for more information.

TETRA Security Vulnerabilities: How to Protect Critical Infrastructures

TETRA Security Vulnerabilities secured by EviPass or EviCypher NFC HSM Technologies from Freemindtronic-Andorra
TETRA Security Vulnerabilities by Jacques Gascuel: This article will be updated with any new information on the topic.

TETRA Security Vulnerabilities

Tetra is a radio communication standard used by critical sectors worldwide. But it has five security flaws that could expose its encryption and authentication. How can you protect your Tetra system from hackers? Read this article TETRA Security Vulnerabilities to find out the best practices and tips.

2024 Digital Security

PrintListener: How to Betray Fingerprints

2024 Articles Digital Security News

BitLocker Security: Safeguarding Against Cyberattacks

2024 Digital Security Spying

Ivanti Zero-Day Flaws: Comprehensive Guide to Secure Your Systems Now

2024 Articles Digital Security News Spying

How to protect yourself from stalkerware on any phone

2024 Articles Digital Security EviPass Password

Human Limitations in Strong Passwords Creation

2024 Articles Digital Security EviKey NFC HSM EviPass News SSH

Terrapin attack: How to Protect Yourself from this New Threat to SSH Security

2024 Articles Digital Security News Phishing

Google OAuth2 security flaw: How to Protect Yourself from Hackers

TETRA Security Vulnerabilities: How to Protect Critical Infrastructures from Cyberattacks

TETRA (Terrestrial Trunked Radio) is a radio technology that is used worldwide for critical communications and data, especially in the sectors of security, energy, transport and defense. But this technology, which has been kept secret for more than 25 years, hides serious security vulnerabilities, including a backdoor that could allow devastating cyberattacks.

What is TETRA?

TETRA is a European radio standard that was developed in the 1990s to meet the needs of professional mobile services, such as police, firefighters, emergency services, military, prison staff, etc. TETRA allows to transmit data and voice encrypted on frequencies ranging from 380 to 470 MHz, with a range of several kilometers.

TETRA is used by more than 2000 networks in more than 150 countries, according to the TETRA and Critical Communications Association (TCCA), which brings together the manufacturers, operators and users of this technology. Among the main manufacturers of TETRA radios, we find Motorola Solutions, Hytera, Airbus, Sepura and Rohill.

TETRA offers several advantages over other radio technologies, such as:

  • better sound quality
  • greater transmission capacity
  • greater security thanks to encryption
  • greater flexibility thanks to the possibility of creating communication groups
  • greater interoperability thanks to the compatibility of equipment

Source french: TETRA digital mode & F4HXZ – Blog radioamateur

What are the vulnerabilities of TETRA?

Despite its strengths, TETRA also has weaknesses, which have been revealed by a group of Dutch researchers from Radboud University Nijmegen. These researchers conducted a thorough analysis of the TETRA standard and its encryption algorithms, which were until then kept secret by the manufacturers and authorities.

The researchers discovered two types of major vulnerabilities in TETRA:

  • A backdoor in the encryption algorithm TEA1, which is used in radios sold for sensitive equipment, such as pipelines, railways, power grid, public transport or freight trains. This backdoor allows an attacker to decrypt the communications and data transmitted by these radios, and possibly to modify or block them. The backdoor exists since the creation of the algorithm TEA1, in 1998, and cannot be corrected by a simple software update. The researchers managed to extract the secret key of the backdoor by analyzing the binary code of the radios.
  • A weakness in the encryption algorithm TEA2, which is used in radios intended for professional mobile services, such as police, firefighters, emergency services, military or prison staff. This weakness allows an attacker to reduce the number of possible keys to test to decrypt the communications and data transmitted by these radios. The researchers estimated that it would take about 10 minutes to find the right key with a standard computer. This weakness was corrected by the manufacturers in 2016, but the radios that have not been updated remain vulnerable.

To find the backdoor in the TEA1 algorithm, the researchers used a technique called “differential analysis”, which consists of comparing the outputs of the algorithm for slightly different inputs. By observing the differences, they were able to identify a part of the code that was not normally used, but that was activated by a special condition. This condition was the presence of a secret key of 64 bits, which was hidden in the binary code of the radios. By analyzing the code, they were able to extract the secret key and test it on encrypted communications with the TEA1 algorithm. They were thus able to confirm that the secret key allowed to decrypt the communications without knowing the normal key of 80 bits. The researchers published their official report and the source code of the TETRA encryption algorithms on their website.

Source: https://cs.ru.nl/~cmeijer/publications/All_cops_are_broadcasting_TETRA_under_scrutiny.pdf

What are the risks for critical infrastructures?

The vulnerabilities identified in TETRA represent a danger for the critical infrastructures that use this technology, because they could be exploited by cybercriminals, terrorists or spies to disrupt or damage these infrastructures.

For example, an attacker could:

  • listen to the communications and confidential data of the security or defense services
  • impersonate an operator or a manager to give false instructions or orders
  • modify or erase data or commands that control vital equipment, such as valves, switches, signals or brakes
  • cause failures, accidents, fires or explosions

These scenarios could have dramatic consequences on the security, health, economy or environment of the countries concerned.

How to protect yourself from cyberattacks on TETRA?

The users of TETRA must be aware of the vulnerabilities of this technology and take measures to protect themselves from potential cyberattacks. Among the recommendations of the researchers, we can mention:

  • check if the radios used are affected by the vulnerabilities and ask the manufacturers for correction solutions
  • avoid using the algorithm TEA1, which contains the backdoor, and prefer safer algorithms, such as TEA3 or TEA4
  • use encryption keys that are long and complex enough, and change them regularly
  • set up verification and authentication procedures for communications and data
  • monitor the radio traffic and detect anomalies or intrusion attempts
  • raise awareness and train staff on cybersecurity and good practices

TETRA digital mode: how to transfer data via TETRA

TETRA (Terrestrial Trunked Radio) is a digital and secure radio communication standard used by emergency services, law enforcement, public transport and industries. TETRA uses a π/4-DQPSK phase modulation and a TDMA time division multiplexing to transmit voice and data on a bandwidth of 25 KHz per transmission channel. Each channel is divided into four timeslots, one of which is reserved for signaling in trunked mode (TMO).

TETRA allows file transfer via radio in two ways: by the packet data service (PDS) or by the circuit data service (CDS).

The PDS uses the IP protocol to transmit data packets on one or more timeslots. It offers a maximum throughput of 28.8 kbit/s per timeslot, or 86.4 kbit/s for three timeslots. The PDS can be used to send small files, such as images, text messages or forms.

The CDS uses the LAPD protocol to transmit data by circuit on a dedicated timeslot. It offers a constant throughput of 4.8 kbit/s per timeslot, or 19.2 kbit/s for four timeslots. The CDS can be used to send large files, such as documents, videos or maps.

The choice of the data service depends on the type of file, the size of the file, the quality of the radio link, the cost and the availability of radio resources. The PDS offers more flexibility and performance, but it requires a good signal quality and it can be more expensive in terms of battery consumption and spectrum occupation. The CDS offers more reliability and simplicity, but it requires a prior allocation of a timeslot and it can be slower and less efficient.

Securing TETRA file transfers with Freemindtronic’s EviCypher technology

However, both data services are subject to the TETRA security vulnerabilities that we have discussed in the previous sections. These vulnerabilities could allow an attacker to intercept, modify or corrupt the files transferred via TETRA, or to prevent their transmission altogether. Therefore, the users of TETRA must ensure the integrity and the confidentiality of the files they send or receive, by using encryption, verification and authentication methods. Freemindtronic’s EviCypher technology can be a valuable solution for encrypting data with post-quantum AES-256 from an NFC HSM with your own randomly generated keys before transferring them via TETRA. This way, even if an attacker corrupts the data transmitted by TETRA, they will not be able to decrypt the data encrypted by a product embedding

How to secure file transfers via TETRA with Freemindtronic’s EviCypher technology

La technologie EviCypher de Freemindtronic peut être une solution précieuse pour chiffrer les données avec AES-256 post-quantique à partir d’un HSM NFC avec vos propres clés générées aléatoirement avant de les transférer via TETRA. Ainsi, même si un attaquant corrompt les données transmises par TETRA, il ne pourra pas décrypter les données cryptées par un produit embarquant la technologie EviCypher NFC HSM technology, such as DataShielder NFC HSM or DataSielder Defense NFC HSM. These products are portable and autonomous devices that allow you to secure the access to computer systems, applications or online services, using the NFC as a means of authentication and encryption.

The management of encryption keys for TETRA

To use encryption on the TETRA network, you need an encryption key, which is a secret code of 80 bits, or 10 bytes. This key must be shared between the radios that want to communicate securely, and must be protected against theft, loss or compromise.

There are several methods to save and enter encryption keys for TETRA, depending on the type of radio and the level of security required. Here are some examples:

  • The manual method: it consists of entering the encryption key using the keyboard of the radio, by typing the 10 bytes in hexadecimal form. This method is simple, but impractical and unsafe, because it requires to know the key by heart or to write it down on a support, which increases the risk of disclosure or error. For example, a 80-bit key could be 3A4F9C7B12E8D6F0.
  • The automatic method: it consists of using an external device, such as a computer or a smart card, which generates and transfers the encryption key to the radio by a cable or a wireless link. This method is faster and more reliable, but it requires to have a compatible and secure device, and to connect it to the radio at each key change.
  • The EviPass method: it consists of using the EviPass NFC HSM technology which allows to generate, store and manage keys and secrets in a secure and independent NFC HSM device. This method is the most innovative and secure, because it allows to create keys higher than 80 bits randomly in hexadecimal base 16, 58, 64 or 85, to store them in a physical device protected by an access code and a robust AES-256 post-quantum encryption algorithm, and to transfer them by various contactless means, via a computer. This method does not require to know or write down the key, which reduces the risk of disclosure or error. For example, a 10-byte key of 80 bits could be 3F 8A 6B 4C 9D 1E 7F 2A 5B 0C.

The EviPass NFC HSM technology of Freemindtronic allows to create secure gateways between the NFC devices and the computer systems, using advanced encryption protocols, such as AES, RSA or ECC. The EviPass NFC HSM technology is embedded in the PassCyber NFC HSM product, which is a portable and autonomous device that allows to secure the access to computer systems, applications or online or offligne services, using the NFC as a means of authentication.

Conclusion

TETRA is a radio technology that was designed to offer secure and reliable communication to professional mobile services and critical infrastructures. But this technology, which has been kept secret for decades, presents vulnerabilities that could be exploited by cyberattackers to compromise these communications and infrastructures. The users of TETRA must be vigilant and take measures to protect themselves from these threats, by updating their equipment, choosing robust encryption algorithms, using strong keys, verifying and authenticating data and monitoring radio traffic. The EviPass NFC HSM technology of Freemindtronic can be an effective solution to strengthen the security of keys and secrets used for verification and authentication, by storing them in a secure and independent NFC device. The researchers who revealed the vulnerabilities of TETRA hope that their work will contribute to improve the security of communications in critical domains.

DataShielder Defense NFC HSM: Protect Your Sovereign Communications

DataShielder Defense NFC HSM Protect your Sovereign Communications by Freemindtronic Andorra
DataShielder Defense NFC HSM – Jacques Gascuel: This article will be updated with any new information on the topic.

Why You Need DataShielder Defense NFC HSM

DataShielder Defense NFC HSM, a patented solution, ensures maximum confidentiality and anonymization of communications from sovereign entities. Using NFC technology, this HSM manages up to 200 secrets offline, contactless and shareable via any communication method, including email and SMS. A GreenTech innovation, it is interoperable, backward compatible and versatile, designed to immediately respond to various specific needs and customizable for enhanced secret security.

2024 Digital Security

PrintListener: How to Betray Fingerprints

2024 Articles Digital Security News

BitLocker Security: Safeguarding Against Cyberattacks

2024 Digital Security Spying

Ivanti Zero-Day Flaws: Comprehensive Guide to Secure Your Systems Now

2024 Articles Digital Security News Spying

How to protect yourself from stalkerware on any phone

2024 Articles Digital Security EviPass Password

Human Limitations in Strong Passwords Creation

2024 Articles Digital Security EviKey NFC HSM EviPass News SSH

Terrapin attack: How to Protect Yourself from this New Threat to SSH Security

2024 Articles Digital Security News Phishing

Google OAuth2 security flaw: How to Protect Yourself from Hackers

DataShielder Defense NFC HSM: How to Protect Your Sovereign Communications with a Revolutionary Solution

The protection of sovereign entities and the enhancement of existing defense and intelligence systems are crucial challenges in today’s world. Sovereign communications, such as those between heads of state, diplomats, military personnel, or secret agents, are constantly exposed to threats of interception, hacking, or manipulation. These threats can compromise the security, integrity, and confidentiality of sensitive information, and have serious consequences for national and international security.

To address these challenges, a revolutionary solution has been developed by Freemindtronic, a andorran company specialized in data security and encryption. This solution is called DataShielder Defense NFC HSM, and it is the ultimate solution for protecting all forms of communications of sovereign entities. This innovative and cutting-edge solution, protected by two patents, guarantees an unparalleled level of confidentiality and trust among humans, without compromise. With DataShielder, your secrets and sensitive data remain inaccessible and indecipherable, even in case of compromise of the equipment and information and communication systems.

In this article, we will explain how DataShielder Defense NFC HSM works, what are its features and benefits, and how it can be customized to suit your specific needs. We will also show how this solution could have influenced several major events in the history of communication security, and how it has received international recognition and awards for its excellence.

How DataShielder Defense NFC HSM Works

DataShielder Defense NFC HSM is a device that uses Near Field Communication (NFC) technology to create, store, and use up to 100 different secrets in a single device. A secret can be anything that you want to protect, such as an encryption key, a password, a PIN code, a cryptocurrency key, a bank account information, or a message. DataShielder allows you to share your encrypted secrets via all the means of communication available in the world, such as postal mail, webcam, email, SMS, MMS, RCS, messaging, or directly between two NFC HSM devices.

To use DataShielder, you need an Android NFC phone or tablet, and the DataShielder app, which is available for free on the Google Play Store. You also need a DataShielder Defense NFC HSM device, which is a small and discreet card that can be customized to fit different formats and accessories. The device does not require any battery or external power source, as it uses the energy of the NFC signal of the phone to operate on demand.

To create a secret, you simply need to tap your phone on the device, and choose the type of secret you want to create. You can either generate a random secret, or import an existing one. You can also add specific trust criteria for each secret, such as BSSID, geographical area, password, fingerprint, QR code or barcode scan, and phone UID. The absence of any of these criteria makes the access to the secret impossible, ensuring maximum and personalized security.

To use a secret, you simply need to tap your phone on the device, and choose the secret you want to use. You can either use it directly on your phone, or send it to another device or person. You can also use the secret to unlock secure USB or SSD keys, to log in to your favorite websites, to make secure voice calls and SMS, to manage your banking information, to generate and use cryptocurrency wallets, and more.

To share a secret, you simply need to tap your phone on the device, and choose the secret you want to share. You can either share it directly with another NFC HSM device, or encrypt it with the RSA-4096 public key of the recipient, and send it via any means of communication. The recipient will need to decrypt the secret with their NFC HSM device, using the EviSCP HSM (ZKP) protocol, which is a patented technology that ensures a secure and confidential exchange of secrets.

Differentiating Benefits of DataShielder Defense NFC HSM

DataShielder Defense NFC HSM offers a complete and adaptable solution to your needs, thanks to the set of advanced and efficient features that it incorporates. These features are based on different technologies, each with a specific name and function. Here is a summary of the main features and benefits of DataShielder:

 

Feature Technology Function Benefit
Random generation of symmetric and asymmetric encryption keys EviCypher NFC HSM Encrypt all types of data (texts, images, videos) in post-quantum AES-256. Use the RSA-4096 public key to exchange encrypted secrets between distant NFC devices. Protect your data and secrets from unauthorized access and decryption, even in case of quantum computing attacks.
Random generation of identifiers and passwords EviPass NFC HSM Generate automatically complex and complicated passwords up to 48 characters based on the 95 ASCII characters, or on bases 16, 58, 64 or 85. Import and store manually login identifiers, PIN codes, PUK, lock codes, TPM2.0 passwords, BitLocker… Log in automatically to your favorite websites. Secure your online accounts and devices with strong and unique passwords. Save time and avoid typing errors with automatic login.
Create a segmented key EviAuth NFC HSM Divide your secret into two segments and store them on two different NFC HSM devices. Require the presence of two people to reconstitute the secret. Increase the security and confidentiality of your secret by adding a human factor. Prevent the access to the secret by a single person or device.
Management of secret OTP keys EviOTP NFC HSM Store securely the secret OTP keys whose one-time passwords based on time (TOTP) or HMAC (HOTP) to generate a secondary authentication factor (2FA). Enhance the security of your online accounts and services with a second factor of authentication. Avoid the risk of losing or compromising your OTP keys.
Secure voice calls and SMS EviCall NFC HSM Store your phone contacts and make a voice call from the NFC HSM without leaving any trace in the phone history. Communicate securely and discreetly with your contacts. Avoid the interception and recording of your voice calls and SMS.
Secure management of banking information EviPay NFC HSM Store, manage and use securely the information related to credit cards and bank accounts. Protect your financial information and transactions from fraud and theft. Access and use your banking information easily and securely.
Unlocking of secure USB or SSD keys without contact EviKey NFC HSM Manage the administrator, user and temporary user PIN codes to unlock the secure USB/SSD keys without contact. Secure your external and internal storage with a contactless unlocking system. Manage the access rights and permissions of the USB/SSD keys.
Generation of cryptocurrency wallets EviSeed NFC HSM Automatically and directly create from a blockchain the secret BIP39 key, its derived key, its public key and the public address. The balance verification is done directly on the blockchain. Create and use cryptocurrency wallets securely and conveniently. Store your cryptocurrency keys in an inviolable and encrypted manner. Verify your balance directly on the blockchain.
Automatic import of private keys EviVault NFC HSM Import derived private keys by scanning their QR codes from five blockchain platforms including Bitcoin, Ethereum, Polygon, Binance Smart Chain and IOTA. Create and save also the BIP39 PassPhrases. Import and use private keys from different blockchain platforms easily and securely. Scan the QR codes and store the keys in an encrypted manner. Create and save also the BIP39 PassPhrases.
Management of authentication cards EviCore NFC HSM Scan and store the barcode or QR code of any type of card that uses this type of identification (access cards, loyalty cards sometimes linked to a payment system). Store and use authentication cards securely and conveniently. Scan the barcode or QR code and store it in an encrypted manner.
NFC HSM pairing key manager EviCore NFC HSM Manage the NFC HSM fleet within a sovereign entity. Manage and control the NFC HSM devices within your organization. Assign and revoke pairing keys for the devices.
Data encryption EviCrypt NFC HSM Encrypt your texts and files upstream before sending them to your recipients using your usual messaging services. Encrypt your data before sending it via any means of communication. Ensure that only the intended recipients can decrypt and access your data.
Use on all computer systems EviCore NFC HSM Browser Extension Use your NFC HSM with the free Freemindtronic browser extension based on Chromium and Firefox. Find the DataShielder NFC HSM functions on all your computers. Use your NFC HSM on any computer system.
Use of a virtual USB Bluetooth keyboard EviKeyboard BLE Use a virtual keyboard for secure and discreet input. Extend the use of secrets in HID mode on various computer systems, TPM2.0, BitLocker, Windows, Linux, Apple, proprietary software and web browsers. Don’t touch the keyboard. Enter a free line of code up to 52 characters. Entering BIOS passwords. Easy to use

Stealth Customization Options

The manufacturer Freemindtronic offers a customization service specially designed for sovereign entities, combining discretion and functionality.

Discreet Formats: Modified standard PVC and PCB cards for effective camouflage.

Stealth Accessories: Labels, key rings, promotional pens, and cufflinks subtly integrating NFC HSM devices.

USB Dummy Keys: Mini USB keys functioning as secret containers for the NFC HSM devices.

NFC On/Off Card: PCB cards with switchable NFC antenna for increased stealth.

These options guarantee invisible security, ideal for special operations and covert missions.

Complementary Accessories

  • Secure NFC EviKey USB and SSD Keys: These devices offer secure external and internal storage, perfectly integrated with DataShielder NFC HSM for enhanced data protection.
  • Bluetooth Virtual Keyboard EviKeyboard BLE: An innovative keyboard for secure and discreet input, complementing the DataShielder NFC HSM by an additional layer of security in data entry.

International Distinctions and Awards

The EviCypher NFC HSM technology, essential to DataShielder, has received worldwide recognition, marked by several important awards.

  • Gold Medal 2021 of the Geneva Inventions: EviCypher Technology awarded among hundreds of international inventions.
  • Three Global InfoSec Awards 2021: Awarded for being the best data security solution by Cyber Defense Magazine “Next-Gen in Crypto Security”, “Most Innovative Hardware Password Manager”, “Next-Gen in Secrets Management”.
  • Two E&T Innovation Awards 2021: Distinguished for the best communication and IT solution, as well as for the best cybersecurity solution.
  • Two nominations for the National Cyber Awards 2021 of the United Kingdom: Finalist in two categories “The Innovation in Cyber Award 2021” and “The Cyber Defense Product of the Year 2021”.
  • Gold Globee Award 2022: Cyber Computer NFC winner of a Cyber Security Global Excellence Awards®.
  • Fortress Award 2023: Awarded for its excellence in encryption and privacy protection.

Conclusion

DataShielder Defense NFC HSM is a revolutionary solution for protecting your sovereign communications. It offers a high level of security, confidentiality, and trust, without compromise. It is compatible with all types of data and communication means, and can be customized to suit your specific needs. It is also environmentally friendly, durable, and interoperable. It has received international recognition and awards for its excellence and innovation. If you are looking for a solution that can protect your secrets and sensitive data from any threat, DataShielder Defense NFC HSM is the solution for you. Contact Freemindtronic today and get your DataShielder Defense NFC HSM device. You will not regret it.

FormBook Malware: How to Protect Your Gmail and Other Data

FormBook Malware: how to protect your gmail and other data
Protect your Gmail Account FormBook malware – Jacques Gascuel: This article will be updated with any new information on the topic.

Secure Your Gmail from FormBook Attacks

FormBook is a malware that can steal your Gmail credentials, messages, and attachments. Learn how to use the Freemindtronic devices to encrypt your Gmail data and use passwordless and 2FA.

2024 Digital Security

PrintListener: How to Betray Fingerprints

2024 Articles Digital Security News

BitLocker Security: Safeguarding Against Cyberattacks

2024 Digital Security Spying

Ivanti Zero-Day Flaws: Comprehensive Guide to Secure Your Systems Now

2024 Articles Digital Security News Spying

How to protect yourself from stalkerware on any phone

2024 Articles Digital Security EviPass Password

Human Limitations in Strong Passwords Creation

2024 Articles Digital Security EviKey NFC HSM EviPass News SSH

Terrapin attack: How to Protect Yourself from this New Threat to SSH Security

2024 Articles Digital Security News Phishing

Google OAuth2 security flaw: How to Protect Yourself from Hackers

How to Protect Your Gmail Account from FormBook Malware

Introduction

Imagine that you receive an email from your bank, asking you to confirm your identity by clicking on a link. You open the link, and you find yourself on a page that looks like your bank’s website, but it is actually a fake. You enter your credentials, and you think you are done. But in reality, you have just given access to your bank account to hackers, who will use it to steal your money, or worse. This is what FormBook can do, a malware that can steal your sensitive data, and that Google cannot stop. In this article, we will explain what FormBook is, how it works, and how to protect yourself from this malware.

What is FormBook and why is it a threat?

FormBook is a malware that can record your keystrokes, take screenshots, and steal your passwords, cookies, and clipboard data. It can also download and execute other malicious files on your device.

FormBook is distributed through phishing emails that contain malicious attachments. These attachments are usually disguised as invoices, receipts, or shipping confirmations. When you open them, they ask you to enable macros or content. If you do, the malware will be installed on your device.

FormBook can target any web browser, but it has a special feature for Chrome. It can inject a fake Gmail login page into your browser, and trick you into entering your credentials. The malware will then send your Gmail username and password to a remote server controlled by the hackers.

FormBook is a threat because it can compromise your Gmail account and access your personal and professional information. It can also use your Gmail account to send spam or phishing emails to your contacts, or to access other online services that are linked to your Gmail account, such as Google Drive, Google Photos, or Google Pay.

How to protect yourself from FormBook?

Google has not yet found a way to detect and block FormBook. Therefore, you need to be extra careful when you use Gmail and other online services. Here are some tips to protect yourself from FormBook and other malware:

  • Do not open or download attachments from unknown or suspicious senders. If you are not sure about the legitimacy of an email, contact the sender directly or check the official website of the company or organization.
  • Do not enable macros or content in any document unless you trust the source. Macros are small programs that can run malicious code on your device.
  • Use a strong and unique password for your Gmail account and other online accounts. Do not reuse the same password for different services. Change your password regularly and use a password manager to store and generate your passwords.
  • Enable two-factor authentication (2FA) for your Gmail account and other online accounts. 2FA adds an extra layer of security by requiring a code or a device confirmation in addition to your password.
  • Use a reputable antivirus software and keep it updated. Antivirus software can scan your device for malware and remove it. You can also use a browser extension that can block malicious websites and pop-ups.

How to encrypt your Gmail messages and attachments with DataShielder NFC HSM

DataShielder NFC HSM is a device that allows you to encrypt and decrypt your Gmail messages and attachments with your own encryption keys that you create and store offline. It uses the EviCypher NFC HSM technology, which is a contactless hardware security module (NFC HSM) that won the Gold Medal for International Inventions in Geneva on March 2021.

With DataShielder NFC HSM, you can encrypt and decrypt your data with AES-256 keys that are randomly generated and stored in the NFC HSM. You can store up to 100 keys and one pair of RSA-4096 keys in the NFC HSM. You can also use different keys for the message and the attachment.

To encrypt your Gmail message and attachment, you need to use the EviCrypt and EviFile applications that are embedded in the DataShielder NFC HSM. These applications allow you to encrypt and decrypt your data with a simple tap of your NFC phone on the DataShielder NFC HSM. You can also share your encrypted data with other users who have the same device and the same key.

By using DataShielder NFC HSM, you can protect your Gmail messages and attachments from FormBook or any other malware that can access your Gmail account. Even if your Gmail account is hacked, your encrypted data will remain encrypted and unreadable by the hackers. Only you and the authorized recipients can decrypt your data with the DataShielder NFC HSM.

How to protect your web Gmail account with passwordless and 2FA using PassCypher NFC HSM

Do you want to manage your web accounts with complicated and complex passwords that you do not need to know, remember, or type? If yes, then you should try PassCypher NFC HSM. This device uses the EviPass NFC HSM technology, which is a contactless hardware password manager that won the Silver Medal for International Inventions in Geneva on March 2021.

With PassCypher NFC HSM, you can create and store your usernames and passwords of more than 256-bit in the NFC HSM. Moreover, you can store your OTP TOTP or HOTP secret keys in the NFC HSM to generate the 2FA code for your web accounts. The NFC HSM can store up to 100 web accounts and one pair of RSA-4096 keys.

To use PassCypher NFC HSM, you need to install the Freemindtronic extension for your web browser based on Chromium or Firefox. This extension uses the EviCore NFC HSM Browser technology, which allows you to communicate with the NFC HSM via your NFC phone. You also need to use the EviPass and EviOTP applications that are embedded in the PassCypher NFC HSM. These applications allow you to create, edit, and delete your web accounts and OTP secret keys with a simple tap of your NFC phone on the PassCypher NFC HSM.

By using PassCypher NFC HSM, you can secure your web accounts with passwordless and 2FA. You do not need to display, know, or type your username and password. You just need to tap your NFC phone on the PassCypher NFC HSM and the extension will autofill and auto login your web account. You also do not need to check for a typosquatting attack, since the extension will verify the URL of the website before logging in. And you do not need to use another device or application to generate the 2FA code, since the PassCypher NFC HSM will do it for you.

How to protect your Gmail account from FormBook with PassCypher NFC HSM

FormBook is a dangerous malware that can access your Gmail account and other sensitive data. Google has not yet found a solution to stop it. Therefore, you need to be vigilant and follow the best practices to protect yourself from cyberattacks. One of them is to use PassCypher NFC HSM to secure your Gmail account with passwordless and 2FA.

By using PassCypher NFC HSM, you can protect your Gmail account from FormBook or any other malware that can access your web browser. Even if your web browser is hacked, your usernames and passwords will remain encrypted and inaccessible by the hackers. Only you can decrypt your Gmail account with the PassCypher NFC HSM. And even if the hackers manage to steal your session cookies, they will not be able to log in to your Gmail account without the 2FA code that is generated by the PassCypher NFC HSM.

To use PassCypher NFC HSM with your Gmail account, you need to follow these steps:

  • Create a Gmail account in the EviPass application on the PassCypher NFC HSM. You can use the default username and password, or you can generate a random and complex password with the EviPass application.
  • Enable 2FA for your Gmail account on the Google website.
  • Choose the option to use an authenticator app, and scan the QR code with the EviOTP application on the PassCypher NFC HSM. This will store your OTP secret key in the NFC HSM.
  • Log in to your Gmail account with the Freemindtronic extension on your web browser. Tap your NFC phone on the PassCypher NFC HSM and the extension will autofill and auto login your Gmail account. You will also see a pop-up window with the 2FA code that you need to enter on the Google website.

By following these steps, you can use PassCypher NFC HSM to secure your Gmail account with passwordless and 2FA. You can also use PassCypher NFC HSM with other web accounts that support 2FA, such as Facebook, Twitter, or Amazon. This way, you can protect yourself from FormBook and other malware that can access your web browser.

Recent statistics on FormBook

FormBook is a malware that was first discovered in 2016, but it remains very active and dangerous. According to the Check Point report on cybersecurity in 2022, FormBook was the third most widespread malware in 2021, attacking 5% of enterprise networks. It was also the most prolific infostealer malware, accounting for 16% of attacks worldwide.

FormBook spreads mainly through phishing emails that contain malicious attachments. These attachments are often RAR self-extracting archives, which are compressed files that can run malicious code when opened. The RAR files contain a legitimate document, such as a PDF or a Word file, and a hidden executable file, which is the FormBook malware. When the user opens the RAR file, the document is displayed, but the malware is also installed in the background.

FormBook can also spread through other methods, such as drive-by downloads, malicious links, or removable media. The malware can infect any Windows device, from Windows XP to Windows 10. The malware can also evade detection and removal by using various techniques, such as encryption, obfuscation, or anti-analysis.

Here are some recent statistics on FormBook, based on the data from Check Point and ANY.RUN:

  • FormBook was the most popular malware in August 2021, affecting 4.5% of organizations worldwide, followed by Trickbot and Agent Tesla, affecting respectively 4% and 3% of organizations worldwide.
  • FormBook was the fourth most common malware in 2020, according to the ranking of malware families by ANY.RUN. It accounted for 8% of the samples analyzed by the online sandboxing service.
  • FormBook was used in many phishing campaigns targeting various industries, such as defense, aerospace, health, education, finance, retail, etc. It was also used to attack Ukrainian targets during the war between Russia and Ukraine in 2022.
  • FormBook has a successor called XLoader, which appeared in 2020 and which is able to infect macOS users. XLoader is sold on the dark web for $59 for a Windows license and $49 for a macOS license.

Danger level of FormBook compared to other malware

FormBook is a very dangerous malware, because it can steal sensitive information, such as credentials, passwords, credit card numbers, 2FA codes, etc. It can also download and execute other malware, such as ransomware, banking trojans, spyware, etc. It can also remotely control the infected device and perform various malicious actions, such as deleting browser cookies, taking screenshots, restarting or shutting down the system, etc.

FormBook is also hard to detect and remove, because it uses advanced evasion techniques, such as code injection, string obfuscation, data encryption, anti-analysis, etc. It also changes frequently its name, path, and file extension, and uses random Windows registry keys to maintain its persistence.

To compare the danger level of FormBook with other known malware in its category, we can use the following criteria:

  • The number of organizations affected worldwide
  • The type and amount of information stolen
  • The ability to download and execute other malware
  • The ability to remotely control the infected device
  • The evasion techniques used
  • The ease of detection and removal

Here is a table that compares FormBook with other popular infostealer malware, such as Trickbot, Agent Tesla, LokiBot, and Raccoon:

Malware Number of organizations affected Type and amount of information stolen Ability to download and execute other malware Ability to remotely control the infected device Evasion techniques used Ease of detection and removal
FormBook 4.5% in August 2021 Credentials, passwords, credit card numbers, 2FA codes, screenshots, keystrokes, etc. Yes Yes Code injection, string obfuscation, data encryption, anti-analysis, etc. Hard
Trickbot 4% in August 2021 Credentials, passwords, banking information, personal data, etc. Yes Yes Code injection, string obfuscation, data encryption, anti-analysis, etc. Hard
Agent Tesla 3% in August 2021 Credentials, passwords, banking information, personal data, screenshots, keystrokes, etc. No Yes String obfuscation, data encryption, anti-analysis, etc. Medium
LokiBot 1.5% in August 2021 Credentials, passwords, banking information, personal data, etc. No Yes String obfuscation, data encryption, anti-analysis, etc. Medium
Raccoon 0.8% in August 2021 Credentials, passwords, banking information, personal data, etc. No Yes String obfuscation, data encryption, anti-analysis, etc. Medium

From this table, we can see that FormBook is the most dangerous infostealer malware, because it affects the most organizations, steals the most types of information, and can download and execute other malware. It is also the hardest to detect and remove, because it uses more evasion techniques than the other malware.

Forms of attacks of FormBook

FormBook can be delivered through different forms of attacks, depending on the delivery mechanism chosen by the malicious actor. Here are some forms of attacks of FormBook:

  • Phishing: FormBook can be sent by email as a malicious attachment, such as a Word, Excel, PDF, or ZIP or RAR file. The email can have a misleading subject, such as an invoice, a receipt, a contract, a job offer, etc. When the user opens the attachment, the malware runs and infects the device.
  • Exploitation of vulnerabilities: FormBook can exploit vulnerabilities in popular software, such as Microsoft Office, Windows, Adobe Reader, etc. For example, FormBook used the vulnerability CVE-2017-8570 in Microsoft Office to run malicious code from a RTF file. FormBook also used the vulnerability CVE-2021-40444 in Microsoft MSHTML to run malicious code from a CAB file.
  • Drive-by downloads: FormBook can be downloaded without the user’s knowledge when they visit a compromised or malicious website. The website can use a script or an exploit kit to trigger the download and execution of the malware on the user’s device.
  • Removable media: FormBook can be copied to removable media, such as USB drives, external hard drives, memory cards, etc. When the user connects the removable media to their device, the malware runs automatically and infects the device.
  • Social media: FormBook can be spread by messages or posts on social media, such as Facebook, Twitter, Instagram, etc. These messages or posts can contain links or images that redirect to malicious websites or infected files. When the user clicks on the link or image, the malware is downloaded and executed on their device.

Here is a type of formbook malware attacks image:

Type of Formbook MalwareAttacks

How PassCypher NFC HSM and DataShielder NFC HSM can protect you from FormBook attacks

PassCypher NFC HSM and DataShielder NFC HSM are two devices that use the EviPass NFC HSM technology from Freemindtronic, which is a contactless hardware password manager that won the Silver Medal for International Inventions in Geneva on March 2021. These devices can help you protect your web accounts and your Gmail messages and attachments from FormBook attacks, by using passwordless, 2FA, and encryption.

PassCypher NFC HSM can create and store your usernames and passwords of more than 256-bit in the NFC HSM. It can also store your OTP TOTP or HOTP secret keys in the NFC HSM to generate the 2FA code for your web accounts. The NFC HSM can store up to 100 web accounts and one pair of RSA-4096 keys.

DataShielder NFC HSM can encrypt and decrypt your Gmail messages and attachments with your own encryption keys that you create and store offline. It uses the EviCypher NFC HSM technology, which is a contactless hardware security module (NFC HSM) that won the Gold Medal for International Inventions in Geneva on March 2021. It can store up to 100 keys and one pair of RSA-4096 keys in the NFC HSM.

To use PassCypher NFC HSM and DataShielder NFC HSM, you need to install the Freemindtronic extension for your web browser based on Chromium or Firefox. This extension uses the EviCore NFC HSM Browser technology, which allows you to communicate with the NFC HSM via your NFC phone. You also need to use the EviPass, EviOTP, EviCrypt, and EviFile applications that are embedded in the PassCypher NFC HSM and DataShielder NFC HSM. These applications allow you to create, edit, delete, encrypt, and decrypt your web accounts, OTP secret keys, messages, and attachments with a simple tap of your NFC phone on the PassCypher NFC HSM or DataShielder NFC HSM.

By using PassCypher NFC HSM and DataShielder NFC HSM, you can secure your web accounts and your Gmail messages and attachments with passwordless, 2FA, and encryption. You do not need to display, know, or type your username, password, or encryption key. You just need to tap your NFC phone on the PassCypher NFC HSM or DataShielder NFC HSM and the extension will autofill, auto login, encrypt, or decrypt your web account, message, or attachment. You also do not need to use another device or application to generate the 2FA code, since the PassCypher NFC HSM will do it for you.

Here is a table that shows how PassCypher NFC HSM and DataShielder NFC HSM can protect you from different FormBook attack vectors, such as keylogger, password stealer, file transfer, screenshot, etc. I used a check mark or a cross mark to show visually what PassCypher NFC HSM and DataShielder NFC HSM protect.

 

FormBook PassCypher DataShielder
Keylogger ✔️ ✔️
Password stealer ✔️ ✔️
File transfer ✔️
Screenshot ✔️ ✔️
Remote control
Phishing ✔️ ✔️
Exploit kit
Drive-by download
Removable media ✔️
Social media

This table shows that PassCypher NFC HSM and DataShielder NFC HSM can protect your web accounts from FormBook’s keylogger, password stealer, and phishing, by using passwordless and 2FA. They can also protect your Gmail messages and attachments from FormBook’s file transfer and screenshot, by using encryption and decryption. DataShielder NFC HSM can also protect your data stored in computers or removable media, by using encryption and decryption. However, neither device can protect your device from FormBook’s remote control, exploit kit, drive-by download, or unsecured social media, which can compromise your system and your data. Therefore, you should also use an antivirus software and a firewall to prevent FormBook from accessing your device.

Dual-Use Encryption Products: a regulated trade for security and human rights

Dual-Use encryption products a regulated trade for security and human rights by Freemindtronic-from Andorra
Dual-use encryption products by Jacques Gascuel: This article will be updated with any new information on the topic.

Dual-use encryption products: a challenge for security and human rights

Encryption is a technique that protects data and communications. Encryption products are dual-use goods, which can have civilian and military uses. The export of these products is controlled by the EU and the international community, to prevent their misuse or diversion. This article explains the EU regime for the export of dual-use encryption products, and how it has been updated.

2023 Articles Communications Cybersecurity Digital Security News Technical information

5Ghoul: 5G NR Attacks on Mobile Devices

Articles EviCore NFC HSM Technology legal News Training

Dual-Use Encryption Products: a regulated trade for security and human rights

2023 Articles EviCore HSM OpenPGP Technology EviCore NFC HSM Technology NFC HSM technology Technical information Technologies

Quantum computing RSA encryption: a threat and a solution

Articles News Technical information

Brute Force Attacks: What They Are and How to Protect Yourself

Articles Compagny spying DataShielder Digital Security Industrial spying Military spying NFC HSM technology Spying Technical information Zero trust

Are fingerprint systems really secure? How to protect your data and identity against BrutePrint

Articles Digital Security NFC HSM technology Technical information

RSA Encryption: How the Marvin Attack Exposes a 25-Year-Old Flaw

2023 Articles EviKey & EviDisk EviKey NFC HSM News NFC HSM technology Technical information

How to secure your SSH key with NFC HSM USB Drive EviKey

Articles Digital Security EviVault Technology NFC HSM technology Technical information

EviVault NFC HSM vs Flipper Zero: The duel of an NFC HSM and a Pentester

The international regulations on dual-use encryption products

The main international regulations that apply to dual-use encryption products are the Wassenaar Arrangement and the EU regime for the control of exports of dual-use goods.

The Wassenaar Arrangement

The Wassenaar Arrangement is a multilateral export control regime that aims to contribute to regional and international security and stability. It promotes transparency and responsibility in the transfers of conventional arms and dual-use goods and technologies. It was established in 1996 and currently has 42 participating states, including the United States, Canada, Japan, Australia, Russia, China and most of the EU member states.

The Wassenaar Arrangement maintains a list of dual-use goods and technologies that are subject to export control by the participating states. The list is divided into 10 categories, with subcategories and items. Category 5, part 2, covers information security, including encryption products. The list of encryption products includes, among others, the following items:

  • Cryptographic systems, equipment, components and software, using symmetric or asymmetric algorithms, with a key length exceeding 56 bits for symmetric algorithms or 512 bits for asymmetric algorithms, or specially designed for military or intelligence use.
  • Cryptanalytic systems, equipment, components and software, capable of recovering the plain text from the encrypted text, or of finding cryptographic keys or algorithms.
  • Cryptographic development systems, equipment, components and software, capable of generating, testing, modifying or evaluating cryptographic algorithms, keys or systems.
  • Non-cryptographic information security systems, equipment, components and software, using techniques such as steganography, watermarking, tamper resistance or authentication.
  • Technology for the development, production or use of the above items.

The participating states of the Wassenaar Arrangement are required to implement national export controls on the items listed in the arrangement, and to report annually their exports and denials of such items. However, the arrangement does not impose binding obligations on the participating states, and each state is free to decide whether to grant or refuse an export license, based on its own policies and national interests.

The EU regime for the control of exports of dual-use goods

The common legal framework of the EU for dual-use goods

The EU regime for the control of exports of dual-use goods is a common legal framework. It applies to all EU member states, and it has two main goals. First, it aims to ensure a consistent and effective implementation of the international obligations of export control. Second, it aims to protect the security and human rights of the EU and its partners. The regime is based on the Regulation (EU) 2021/821, which was adopted in May 2021 and entered into force in September 2021. This regulation replaces the previous Regulation (EC) No 428/2009.

The Regulation (EU) 2021/821: the principles and criteria of export control

The Regulation (EU) 2021/821 establishes a Union list of dual-use goods. These are goods that can have both civilian and military uses, such as software, equipment and technology. These goods are subject to an export authorization, which means that exporters need to obtain a permission from the competent authorities before exporting them. The Regulation also sets out a set of general principles and criteria for granting or refusing such authorization. The Union list of dual-use goods is based on the international export control regimes, including the Wassenaar Arrangement. It covers the same categories and items as the latter. However, the EU list also includes some additional items that are not covered by the international regimes. These are cyber-surveillance items that can be used for internal repression or human rights violations.

The Union list of dual-use goods: the categories and items subject to an export authorization

The Union list of dual-use goods consists of ten categories, which are:

  • Category 0: Nuclear materials, facilities and equipment
  • Category 1: Materials, chemicals, micro-organisms and toxins
  • Category 2: Materials processing
  • Category 3: Electronics
  • Category 4: Computers
  • Category 5: Telecommunications and information security
  • Category 6: Sensors and lasers
  • Category 7: Navigation and avionics
  • Category 8: Marine
  • Category 9: Aerospace and propulsion

Each category contains a number of items, which are identified by a code and a description. For example, the item 5A002 is “Information security systems, equipment and components”. The items are further divided into sub-items, which are identified by a letter and a number. For example, the sub-item 5A002.a.1 is “Cryptographic activation equipment or software designed or modified to activate cryptographic capability”.

The novelties of the Regulation (EU) 2021/821: the due diligence obligation, the catch-all clause, the human security approach and the transparency and information exchange mechanism

The Regulation (EU) 2021/821 also provides for different types of export authorizations. These are individual, global, general or ad hoc authorizations, depending on the nature, destination and end-use of the items. Moreover, the Regulation introduces some novelties, such as:

  • A due diligence obligation for exporters. This means that exporters have to verify the end-use and the end-user of the items, and to report any suspicious or irregular transaction.
  • A catch-all clause. This allows the competent authorities to impose an export authorization on items that are not listed, but that can be used for weapons of mass destruction, a military end-use, human rights violations or terrorism.
  • A human security approach. This requires the competent authorities to take into account the potential impact of the items on human rights, international humanitarian law, regional stability and sustainable development, especially for cyber-surveillance items.
  • A transparency and information exchange mechanism. This requires the competent authorities to share information on the authorizations, denials and consultations of export, and to publish annual reports on their export control activities.

The dual-use encryption products: sensitive goods for security and human rights

The dual-use encryption products are a specific type of dual-use goods that fall under the category 5 of the Union list. These are products that use cryptographic techniques to protect the confidentiality, integrity and authenticity of data and communications. These products can have both civilian and military uses, and they raise important issues for security and human rights.

The dual-use encryption products: a definition and examples

The dual-use encryption products are defined by the Regulation (EU) 2021/821 as “information security systems, equipment and components, and ‘software’ and ‘technology’ therefor, which use ‘cryptography’ or cryptanalytic functions”. The Regulation also provides a list of examples of such products, such as:

  • Cryptographic activation equipment or software
  • Cryptographic equipment for mobile cellular systems
  • Cryptographic equipment for radio communication systems
  • Cryptographic equipment for computer and network security
  • Cryptanalytic equipment and software
  • Quantum cryptography equipment and software

The dual-use encryption products: security issues

The dual-use encryption products can have a significant impact on the security of the EU and its partners. On the one hand, these products can enhance the security of the EU and its allies, by protecting their sensitive data and communications from unauthorized access, interception or manipulation. On the other hand, these products can also pose a threat to the security of the EU and its adversaries, by enabling the encryption of malicious or illegal activities, such as terrorism, espionage or cyberattacks. Therefore, the export of these products needs to be carefully controlled, to prevent their misuse or diversion to undesirable end-users or end-uses.

The dual-use encryption products: human rights issues

The dual-use encryption products can also have a significant impact on the human rights of the EU and its partners. On the one hand, these products can protect the human rights of the EU and its citizens, by safeguarding their privacy and freedom of expression on the internet. On the other hand, these products can also violate the human rights of the EU and its partners, by enabling the repression or surveillance of dissidents, activists or journalists by authoritarian regimes or non-state actors. Therefore, the export of these products needs to take into account the potential consequences of the items on human rights, international humanitarian law, regional stability and sustainable development, especially for cyber-surveillance items.

The modification of the Union list of dual-use goods by the Delegated Regulation (EU) 2022/1

The Union list of dual-use goods is not static, but dynamic. It is regularly updated to reflect the changes in the technological development and the international security environment. The latest update of the list was made by the Delegated Regulation (EU) 2022/1 of the Commission of 20 October 2021, which modifies the Regulation (EU) 2021/821.

The changes made by the international export control regimes in 2020 and 2021

The Delegated Regulation (EU) 2022/1 reflects the changes made by the international export control regimes in 2020 and 2021. These are the Wassenaar Arrangement, the Nuclear Suppliers Group, the Australia Group and the Missile Technology Control Regime. These regimes are voluntary and informal arrangements of states that coordinate their national export control policies on dual-use goods. The EU is a member of these regimes, and it aligns its Union list of dual-use goods with their lists of controlled items. The changes made by these regimes include the addition, deletion or modification of some items, as well as the clarification or simplification of some definitions or technical parameters.

The new items added to the Union list of dual-use goods: the quantum technologies, the drones and the facial recognition systems or biometric identification systems

The Delegated Regulation (EU) 2022/1 also adds some new items to the Union list of dual-use goods. These are items that are not covered by the international export control regimes, but that are considered to be sensitive for the security and human rights of the EU and its partners. These items include:

  • Certain types of software and technology for the development, production or use of quantum computers or quantum cryptography. These are devices or techniques that use the principles of quantum physics to perform computations or communications that are faster or more secure than conventional methods.
  • Certain types of equipment, software and technology for the development, production or use of unmanned aerial vehicles (UAVs) or drones. These are aircraft or systems that can fly without a human pilot on board, and that can be used for various purposes, such as surveillance, reconnaissance, delivery or attack.
  • Certain types of equipment, software and technology for the development, production or use of facial recognition systems or biometric identification systems. These are systems or techniques that can identify or verify the identity of a person based on their facial features or other biological characteristics, such as fingerprints, iris or voice.

The entry into force and application of the Delegated Regulation (EU) 2022/1

The Delegated Regulation (EU) 2022/1 entered into force on 7 January 2022. It applies to all exports of dual-use goods from the EU from that date. The exporters of dual-use goods need to be aware of the changes and updates to the Union list of dual-use goods, and to comply with the export control rules and procedures established by the Regulation (EU) 2021/821. The competent authorities of the member states need to implement and enforce the new Union list of dual-use goods, and to cooperate and coordinate with each other and with the Commission. The Commission needs to monitor and evaluate the impact and effectiveness of the new Union list of dual-use goods, and to report to the European Parliament and the Council.

The national regulations on dual-use encryption products

How some countries have their own rules on dual-use encryption products

The case of the United States

Some countries have their own national regulations on dual-use encryption products, which may differ or complement the existing regimes. For example, the United States has a complex and strict export control system, based on the Export Administration Regulations (EAR). The EAR classify encryption products under category 5, part 2, of the Commerce Control List (CCL). The EAR require an export license for most encryption products, except for some exceptions, such as mass market products, publicly available products, or products intended for certain countries or end-users. The EAR also require that exporters submit annual self-classification reports, semi-annual sales reports, and encryption review requests for certain products.

The case of Andorra

Andorra is a small country between France and Spain. It is not an EU member, but it has a customs union with it. However, this customs union does not cover all products. It only covers those belonging to chapters 25 to 97 of the Harmonized System (HS), which are mainly industrial products. Agricultural products and products belonging to chapters 1 to 24 of the HS are free of import duties in the EU. But they are subject to the most-favored-nation (MFN) treatment in Andorra.

Andorra has adopted the EU list of dual-use goods. It requires an export or transfer authorization for these goods, according to the Regulation (EU) 2021/821. This regulation came into force on 9 September 2021 and replaced the previous Regulation (EC) No 428/2009. Andorra has also adopted the necessary customs provisions for the proper functioning of the customs union with the EU. These provisions are based on the Community Customs Code and its implementing provisions, by the Decision No 1/2003 of the Customs Cooperation Committee.

Andorra applies the EU regulation, as it is part of the internal market. Moreover, Andorra has adopted the Delegated Regulation (EU) 2022/1 of the Commission of 20 October 2021, which modifies the EU list of dual-use goods. This modification reflects the changes made by the international export control regimes in 2020 and 2021. It also adds some new items, such as software and technologies for quantum computing, drones or facial recognition. The Delegated Regulation (EU) 2022/1 came into force on 7 January 2022, and applies to all exports of dual-use goods from the EU from that date.

Andorra entered the security and defense sector for the first time by participating in Eurosatory 2022. This is the international reference exhibition for land and airland defense and security. Andorra became the 96th country with a security and defense industry on its territory. Among the exhibitors, an Andorran company, Freemindtronic, specialized in counter-espionage solutions, presented innovative products. For example, DataShielder Defense NFC HSM, a device to protect sensitive data against physical and logical attacks. It uses technologies such as EviCypher NFC HSM and EviCore NFC HSM, contactless hardware security modules (NFC HSM). The president of Coges events, a subsidiary of GICAT, identified these products as dual-use and military products. They need an export or transfer authorization, according to the Regulation (EU) 2021/821. Freemindtronic also showed its other security solutions, such as EviKey NFC HSM, a secure USB key, a security token. These products were displayed in the Discover Village, a space for start-ups and SMEs innovations.

Switzerland

Switzerland is not an EU member, but it has a free trade agreement with it. Switzerland has adopted the Regulation (EU) 2021/821 by the Ordinance of 5 May 2021 on the control of dual-use goods. Switzerland applies the EU list of dual-use goods and requires an export or transfer authorization for these goods, according to the Regulation (EU) 2021/821. Switzerland has also adopted the Delegated Regulation (EU) 2022/1 of the Commission of 20 October 2021, which modifies the EU list of dual-use goods.

Turkey

Turkey is not an EU member, but it has a customs union with it. Turkey has adopted the Regulation (EU) 2021/821 by the Presidential Decree No 3990 of 9 September 2021 on the control of exports of dual-use goods. Turkey applies the EU list of dual-use goods and requires an export or transfer authorization for these goods, according to the Regulation (EU) 2021/821. Turkey has also adopted the Delegated Regulation (EU) 2022/1 of the Commission of 20 October 2021, which modifies the EU list of dual-use goods.

United Kingdom

The United Kingdom left the EU on 31 January 2020. It has adopted the Regulation (EU) 2021/821 by the Dual-Use Items (Export Control) Regulations 2021, which came into force on 9 September 2021. The United Kingdom applies the EU list of dual-use goods and requires an export or transfer authorization for these goods, according to the Regulation (EU) 2021/821. The United Kingdom has also adopted the Delegated Regulation (EU) 2022/1 of the Commission of 20 October 2021, which modifies the EU list of dual-use goods.

The challenges and opportunities for the exporters of dual-use encryption products

The exporters of dual-use encryption products face several challenges and opportunities in the current context of export control regulations. Among the challenges, we can mention:

  • The complexity and diversity of the regulations, which may vary depending on the countries, the products, the destinations and the end-uses, and which require a deep knowledge and a constant monitoring from the exporters.
  • The costs and delays related to the administrative procedures, which can be high and unpredictable, and which can affect the competitiveness and profitability of the exporters, especially for small and medium enterprises (SMEs).
  • The legal and reputational risks, which can result from an involuntary or intentional violation of the regulations, or from a misuse or diversion of the products by the end-users, and which can lead to sanctions, prosecutions or damages to the image of the exporters.

Among the opportunities, we can mention:

  • The growing demand and innovation for encryption products, which are increasingly used in many sectors and domains, such as finance, health, education, defense, security, human rights, etc.
  • The contribution to the security and human rights of the exporters, their customers and the general public, by enabling the protection of data, privacy, freedom of expression, access to information and democratic participation, thanks to encryption products.
  • The cooperation with the competent authorities, the civil society and the international community, to ensure the compliance and accountability of the exporters, and to support the development and implementation of effective and balanced encryption policies and regulations, that respect the security and human rights of all stakeholders.

Conclusion

Dual-use encryption products can have both civil and military uses. They are subject to export control regulations at different levels: international, regional and national. These regulations aim to prevent the risks that these products can pose for security and human rights. At the same time, they allow the development and trade of these products. Therefore, the exporters of dual-use encryption products must comply with the regulations that apply to their products. They must also assess the impact of their products on security and human rights. The exporters of dual-use encryption products can benefit from the demand and innovation for these products. These products are essential for the digital economy and society. They can also enhance the security and human rights of the exporters, their customers and the public.

Freemindtronic Andorra is a company that specializes in dual-use encryption products. It offers secure and innovative solutions for data, communication and transaction protection. Freemindtronic Andorra respects the export control regulations that apply to its products. It is also committed to promoting and supporting the responsible and lawful use of its products. It follows the principles of security and human rights. Freemindtronic Andorra cooperates with the authorities, the civil society and the international community. It ensures the transparency and accountability of its activities. It also participates in the development and implementation of effective and balanced encryption policies and regulations. It respects the interests and needs of all stakeholders.

Quantum computing RSA encryption: a threat and a solution

Quantum computing RSA encryption
Quantum computing RSA encryption by Jacques Gascuel: This article will be updated with any new information on the topic.

Quantum computers RSA cryptography: how to secure your data

Quantum computers can break RSA encryption, which secures our online data. But there are solutions that are resistant to quantum attacks. One of them is Freemindtronic, an Andorran company that notably uses NFC HSM technology to share AES-256 keys using RSA-4096 encryption, which quantum computers cannot decipher.

2023 Articles Cardokey Eco-friendly EviSwap NFC NDEF Technology GreenTech

NFC Business Cards with Cardokey free for life: How to Connect without Revealing

2023 Articles Cyberculture Eco-friendly Electronics GreenTech Technologies

The first wood transistor for green electronics

Eco-friendly GreenTech

Hardware secrets manager Eco-friendly

Quantum computing RSA encryption: a challenge and a solution

Quantum computing RSA encryption is a challenge for online security. Quantum computing is a new way of computing that uses quantum physics. It can do things that classical computers cannot or are too slow to do. One of these things is breaking RSA encryption, which secures data online. RSA encryption is based on the difficulty of factoring large numbers. Quantum computers can factor large numbers faster than classical computers. They use algorithms like Shor’s algorithm, which exploits quantum properties.

However, this threat is not imminent. Building and using quantum computers is still challenging and uncertain. Two recent announcements claimed to have cracked RSA encryption with quantum systems. But they have not been verified. The experts are skeptical and doubtful. They have not provided any evidence or details. They have made unrealistic or too good to be true claims. They have not been peer-reviewed or reproduced.

What is RSA encryption?

RSA encryption is a type of asymmetric encryption. It uses two keys: a public key and a private key. The public key can be shared with anyone, but the private key must be kept secret. They are mathematically related, but it is very hard to find the private key from the public key.

How does RSA encryption work?

RSA encryption uses large prime numbers to generate the keys. The public key and the private key are based on the product of two prime numbers. It is easy to multiply two prime numbers, but very hard to factor their product. For example, 17 x 23 = 391, but finding that 391 = 17 x 23 is much harder.

RSA encryption uses keys that are 2048 or 4096 bits long. These are numbers that have 2048 or 4096 binary digits (0 or 1). They are so large that it would take billions of years for a classical computer to factor them. Therefore, RSA encryption is very secure and widely used for online security.

What is quantum computing and how does it work?

Quantum computing is a new way of computing that uses quantum physics. It can do things that classical computers cannot or are too slow to do. Here is how it works:

  • Qubits: Quantum computers use quantum bits, or qubits. They can be 0 or 1, or both at the same time. This is called superposition. When we measure a qubit, it becomes either 0 or 1. This gives us more information than a classical bit, which is always 0 or 1.
  • Entanglement: Quantum computers can also use entanglement. This is when two qubits share a quantum state and affect each other, even if they are far apart. This allows us to manipulate multiple qubits at once and create complex quantum states.
  • Parallelism: Quantum computers can use these properties to perform parallel computations. This means they can do many calculations at the same time, using fewer qubits than classical bits. This can speed up some tasks that are hard for classical computers.

One of these tasks is breaking RSA encryption, which is based on factoring large numbers. Quantum computers can use a quantum algorithm, called Shor’s algorithm, to factor large numbers faster than classical computers. This can break RSA encryption by finding the private key from the public key. However, this requires a quantum computer with many qubits and low errors, which we do not have yet.

Quantum computing RSA encryption: a challenge and a solution

The ability to find an RSA private key from its public key by a quantum computer poses a serious threat to online security. However, this threat is not imminent, as there are still many challenges and uncertainties in building and using quantum computers. Two recent announcements have claimed to have cracked RSA encryption with quantum systems, but they have not been verified and have been met with skepticism and doubt from the experts. They have not provided any evidence or details of their work. They have made assumptions and claims that seem unrealistic or too good to be true. They have not been peer-reviewed or reproduced by other sources.

How quantum computers can break RSA encryption

RSA encryption is a type of asymmetric encryption. It uses two keys: a public key and a private key. The public key can be shared with anyone, but the private key must be kept secret. They are mathematically related, but it is very hard to find the private key from the public key.

RSA encryption uses large prime numbers to generate the keys. The public key and the private key are based on the product of two prime numbers. It is easy to multiply two prime numbers, but very hard to factor their product. For example, 17 x 23 = 391, but finding that 391 = 17 x 23 is much harder.

RSA encryption uses keys that are 2048 or 4096 bits long. These are numbers that have 2048 or 4096 binary digits (0 or 1). They are so large that it would take billions of years for a classical computer to factor them. Therefore, RSA encryption is very secure and widely used for online security.

Quantum computers can break RSA encryption by finding the prime factors of the composite number that is used to generate the public and private keys. Once the prime factors are known, the private key can be easily calculated from the public key, and the encrypted messages can be decrypted. Quantum computers can use a quantum algorithm, called Shor’s algorithm, to factor large numbers faster than classical computers. Shor’s algorithm can factor a large number in polynomial time, which means that the time it takes to factor a number grows relatively slowly as the number gets larger. In contrast, the best classical algorithms for factoring are exponential, which means that the time it takes to factor a number grows very fast as the number gets larger.

Two claims of breaking RSA encryption with quantum systems

Two recent announcements have raised concerns about quantum computing RSA encryption. One is from a team of Chinese researchers, who published a paper on arXiv in December 2022. They claim to have found a faster way to break RSA encryption with a quantum computer of 372 qubits. They combine a classical algorithm, called Schnorr’s algorithm, with a quantum algorithm, called QAOA (Quantum Approximate Optimization Algorithm). Schnorr’s algorithm is a method of factoring large numbers that uses a probabilistic approach and a lattice reduction technique. QAOA is a method of finding approximate solutions to optimization problems using a quantum computer.

The researchers say that by applying QAOA to the most computationally intensive step of Schnorr’s algorithm, they can reduce the number of qubits and the number of operations needed to factor a large number. They also say that they tested their method on a 10-qubit quantum computer and succeeded in factoring a 48-bit number. They extrapolate that their method can scale to factor a 2048-bit number, which is the standard for RSA encryption.

The other announcement is from a researcher named Ed Gerck, who posted on LinkedIn in November 2023. He claims to have decrypted RSA-2048 encryption, the most used public-key algorithm, with a quantum system implementable on a smartphone or a PC running Linux. He says that he developed a quantum algorithm that can calculate prime numbers faster than Shor’s algorithm and that he proved several mathematical conjectures, such as Goldbach’s conjecture. He published an excerpt of his work, but has not provided any proof or detail of his method.

Both announcements are not verified and have been met with skepticism and doubt from the experts. They have not provided any evidence or details of their work. They have made assumptions and claims that seem unrealistic or too good to be true. They have not been peer-reviewed or reproduced by other sources.

Quantum computing RSA encryption: possible solutions

How to protect RSA encryption from quantum attacks?

However, this announcement is not yet verified, and it raises many questions in the scientific community. It is therefore premature to draw hasty conclusions, and we must wait for the publication of the evidence of his work. It is also possible that RSA encryption can be adapted to resist quantum attacks, for example by increasing the length of the keys, or by using masking techniques. In addition, there are alternatives to RSA encryption, supposed to be more robust against quantum computing. These are post-quantum cryptography algorithms, based on other mathematical problems that are difficult to solve for quantum computers. Post-quantum cryptography is a very active field of research, which aims to anticipate the threats that quantum computers would pose to the security of communications. There are several potential candidates to replace RSA encryption, but they must be evaluated and compared in order to choose the most suitable ones for different needs and constraints. The NIST has launched an international competition to select and standardize the best post-quantum encryption algorithms, which should be ready by 2024.

What are the alternatives to RSA encryption?

Some of the alternatives to RSA encryption that are considered to be more resistant to quantum attacks are:

  • Lattice-based cryptography: This is based on the hardness of finding the shortest vector in a high-dimensional lattice, or the closest vector to a given point. Lattice-based cryptography has the advantage of being fast, versatile, and allowing for advanced features such as homomorphic encryption and digital signatures. Some examples of lattice-based algorithms are NTRU, BLISS, and NewHope.
  • Code-based cryptography: This is based on the hardness of decoding a general linear code, or finding the error vector in a noisy transmission. Code-based cryptography has the advantage of being simple, efficient, and having a long history of security analysis. Some examples of code-based algorithms are McEliece, Niederreiter, and BIKE.
  • Multivariate cryptography: This is based on the hardness of solving a system of multivariate polynomial equations over a finite field. Multivariate cryptography has the advantage of being compact, flexible, and allowing for various applications such as encryption, signatures, and identification. Some examples of multivariate algorithms are Rainbow, HFE, and GeMSS.
  • Hash-based cryptography: This is based on the hardness of finding collisions or preimages for a cryptographic hash function. Hash-based cryptography has the advantage of being simple, provably secure, and relying on minimal assumptions. Some examples of hash-based algorithms are XMSS, SPHINCS, and LMS.

How Freemindtronic protects data with RSA-4096 and NFC technology

Freemindtronic is an Andorran company that specializes in security and cybersecurity of information and computer systems. It designs and develops products and services based on NFC (Near Field Communication) technology, which allows wireless communication at short distance.

The HSM of Freemindtronic: devices that store and protect cryptographic keys

One of the products of Freemindtronic is the HSM (Hardware Security Module), which is a device that stores and protects cryptographic keys. The HSM of Freemindtronic uses two technologies: EviCore HSM OpenPGP and EviCore NFC HSM.

  • EviCore HSM OpenPGP is an implementation of the OpenPGP standard, an open standard for encryption and signature of data. It can manage symmetric and asymmetric encryption keys, both standard and OpenPGP. It can also create HSM on any type of storage device, such as key store, key chain, SD card, SSD, USB drive, NAS, cloud, etc. It can work in fixed, offline, or online mode (LAN/WAN).
  • EviCore NFC HSM is a technology that allows to share AES-256 standard keys using RSA-4096 standard encryption. It works without contact with NFC HSM, which use a pair of RSA-4096 keys for secret sharing (AES-256 encryption keys).

The AES-256 standard: a type of symmetric encryption with high level of security

The AES-256 standard is a type of symmetric encryption, which means that it uses the same key to encrypt and decrypt messages. The AES-256 standard offers a high level of security, as it uses keys that are 256 bits long, which are very hard to crack by brute force. The AES-256 standard is widely used for encrypting data and communications, such as files, emails, or messages.

The RSA-4096 encryption: a type of asymmetric encryption that protects the AES-256 keys from quantum attacks

However, the AES-256 standard requires that the key be securely transmitted between the sender and the receiver, without being intercepted, modified, or forged by an attacker. This is where the RSA-4096 encryption comes in, as it provides a way to protect the AES-256 keys from quantum attacks.

The RSA-4096 encryption is a type of asymmetric encryption, which means that it uses two different keys to encrypt and decrypt messages: a public key and a private key. The public key can be shared with anyone, while the private key must be kept secret. The RSA-4096 encryption uses keys that are 4096 bits long, which are out of reach of the current or future quantum computers. The RSA-4096 encryption can encrypt the AES-256 keys with the public key of the receiver, and decrypt them with the private key of the receiver. Thus, only the receiver can access the AES-256 keys, and use them to encrypt or decrypt the messages. The RSA-4096 encryption can also sign the AES-256 keys with the private key of the sender, and verify them with the public key of the sender. Thus, the receiver can ensure the identity of the sender, and the integrity of the AES-256 keys.

The RSA-4096 encryption is therefore an effective way to protect the AES-256 keys from quantum attacks, as it uses keys that are 4096 bits long, which are out of reach of the current or future quantum computers.

The RSA-4096 encryption is also a practical way to share the AES-256 keys between the HSM, as it uses the NFC technology, which allows wireless communication at short distance. The RSA-4096 encryption is therefore a major asset for the technologies of Freemindtronic, which offer an optimal security for the encryption of data.

Conclusion

Quantum computing is a new paradigm of computing that could break RSA encryption, the most common encryption method on the internet. With only 372 qubits, a quantum computer could break RSA encryption, exposing our online data and communications. However, there are solutions and alternatives that can resist quantum attacks. One of them is Freemindtronic, an Andorran company that uses NFC technology to share AES-256 standard keys using RSA-4096 standard encryption, which is beyond the reach of quantum computers. Freemindtronic’s technologies are based on the EviCore HSM OpenPGP and the EviCore NFC HSM, which are hardware devices that store and protect cryptographic keys. EviCore HSM OpenPGP transforms your smartphone, tablet or computer into a hardware security module compatible with the OpenPGP standard. EviCore NFC HSM allows you to store and use your crypto keys and secrets in a contactless NFC device, such as a card, a sticker, or a keychain. Both technologies offer features such as offline isolation, seamless integration, enhanced user experience, and multi-factor authentication. Therefore, Freemindtronic’s technologies are innovative and secure solutions for data and communication encryption, which can withstand quantum attacks and ensure the privacy and integrity of online activities.

NFC Business Cards with Cardokey free for life: How to Connect without Revealing

NFC Business Cards with-Cardokey NFC vCard free for life Eco-Friendly from Freemindtronic Andorra
NFC Business Cards with Cardokey by Jacques Gascuel: This article will be updated with any new information on the topic.

How to Create NFC Business Cards with Cardokey

Do you want to create your contact information in a simple, fast and eco-friendly way? Do you want to use NFC technology without spending a fortune or compromising your privacy? Then you need to read this article about Cardokey, the app that’s revolutionizing NFC business cards.

2023 Articles Cardokey Eco-friendly EviSwap NFC NDEF Technology GreenTech

NFC Business Cards with Cardokey free for life: How to Connect without Revealing

2023 Articles Cyberculture Eco-friendly Electronics GreenTech Technologies

The first wood transistor for green electronics

Eco-friendly GreenTech

Hardware secrets manager Eco-friendly

NFC Business Cards: Create your NFC vCard with Cardokey, the Eco-Friendly and Secure NFC App

Are you looking for an eco-friendly way to create contactless business cards? Do you want to benefit from affordable NFC technology and prioritize privacy? You’ll love Cardokey – the app revolutionizing NFC business cards! Cardokey, the NFC business card that connects you while protecting your privacy.

What is Cardokey and how does it work?

Cardokey: Free App for Eco-Friendly NFC Business Cards

You can easily and free create and share your business cards, your social network links or links to your favorite sites for life. Recycle any NFC Tag, NFC Ticket, NFC Sticker or NFC card allowing the use of the NDEF format.
Use of the free Cardokey application is completely anonymous and does not ask for any personal or professional information. You therefore do not need to create an account or identify yourself to use Cardokey.

Cardokey: a compliant and sustainable solution

Cardokey adheres to various standards like ISO/IEC 7816-4, ISO/IEC 14443, NFC Forum Type 2, ISO/IEC 18092, and ISO/IEC 15693 without compromising your privacy or security. It also complies with international data protection laws such as GDPR, PIPEDA, CCPA, and more.

Cardokey is an eco-designed solution that contributes to the UN Goal 12. Consequently, it complies with international standards for eco-responsible practices, circular and solidarity economy, sustainable economy and carbon footprint reduction.

Cardokey: a compatible and versatile app

NFC business cards created with Cardokey are compatible with all NFC phones, Android and iPhone. The application works in real time, offline, without a database, including in airplane mode. This means that you can modify the information contained in the memory of your NFC media at any time. The app also allows you to format any NFC Media to NDEF format and also erase almost all types of NFC chips.

Cardokey: a simple and fast way to share your contact information

Digital business cards created with Cardokey can be shared in seconds. In fact, your interlocutor does not need to download a specific application in order to be able to read the information you wish to share. All he has to do is place the digital business card under his phone equipped with NFC technology to see the information.

How to create an NFC business card with Cardokey that fits the memory size of your NFC media?

The intelligent system of Cardokey

One of the most interesting features of Cardokey is the automatic management of the memory size of forms. The contact form indicates in real time the actual occupancy of the NDEF memory based on the number of characters. The Cardokey user knows the type of vCard information. He can store it according to the memory size. The memory size depends on the NFC media.

The different types of NFC Media and their memory size

It is possible to make a vCard with a minimum of name, surname and email information for a very small NFC memory4. For example, on an NTAG Nano, which has a capacity of 160 bytes and can store NDEF messages of up to 128 bytes, one can store basic information like a person’s name, surname, phone number, and email address.

Or, more complete information can be stored on a ST25TV02K chip, which has a capacity of 256 bytes and can store NDEF messages of up to 224 bytes. In this case, one can include a person’s name, surname, title, organization, phone number, email address, and postal address.

The steps to create an NFC business card with Cardokey

You can create NFC business cards that fit the memory size of your media without losing information. This allows you to optimize the use of your NFC Media and take advantage of their full capabilities.

To create NFC business cards that fit the memory size of your media, simply follow these steps:

  • Open the Cardokey app and choose the type of content you want to create (business card, URL link, social media link).
  • Enter the information you want to share in the contact form. The form tells you in real time how much memory your data is occupying and how much memory is available on your media.
  • Hover your smartphone to the NFC media of your choice. The app writes the data to the NFC media and confirms that the NFC business card has been created successfully.
  • Test your NFC business card by scanning it with your smartphone or another NFC phone. You’ll see the information you’ve shared on the screen.

That’s it, you’ve created an NFC business card adapted to the memory size of your media, thanks to Cardokey’s automatic form memory size management feature

What are the benefits of NFC business cards with Cardokey?

Cardokey is free and anonymous

Cardokey is a free app that lets you create NFC vCard business cards easily. You can create as many NFC business cards as you want, without paying any fees or signing up for any subscriptions. Moreover, Cardokey is completely anonymous and does not ask for any personal or professional information from the user. You don’t need to create an account or fill in any data. Everything works offline, in real-time, without a database.

Cardokey is easy to use

Cardokey is very easy to use, with one-click installation and operation. You don’t need any technical knowledge or specific hardware to create your NFC business cards. All you have to do is download the app on your smartphone, choose the type of content you want to create, enter the information you want to share, and swipe your smartphone on the NFC media of your choice. And there you have it, your NFC business card is ready! Furthermore, Cardokey features an intelligent system that optimizes the NDEF memory management of NFC media. This provides an optimal user experience.

How Cardokey protects your data with EviSwap NFC NDEF technology

The innovative features of EviSwap NFC NDEF technology

Cardokey uses EviSwap NFC NDEF technology by Freemindtronic for cybersecurity. This is an innovative technology that lets you create and share digital contacts contactless for life. With a simple click, you can create NFC business cards on any NFC media, whether it is disposable or not. You can give a new use to NFC tickets, cards, labels, and tags. You can also rewrite your NFC business cards at least a million times without any risk of error. You can use them for more than 40 years without needing a power source.

The standard and secure format of EviSwap NFC NDEF technology

EviSwap NFC NDEF technology is a technology that uses NFC to facilitate data exchange by implementing the NDEF NFC standard. NDEF stands for NFC Data Exchange Format. It is a standardized format that contains structured data, such as contacts, links, texts, images, etc. NDEF files are compatible with most computer and phone terminals, which can read and write them directly on the NFC memory. EviSwap NFC NDEF technology is especially used by Freemindtronic to exchange encrypted data from human to human from an NFC media, ensuring data security and privacy.

The performance and durability of EviSwap NFC NDEF technology for industrial chips

EviSwap NFC NDEF technology is also compatible with all NFC NDEF media, but it has the advantage of being optimized for Freemindtronic’s NFC HSM industrial chips. These chips can operate in a wide range of temperatures, from -40°C to +85°C. They can withstand harsh environments and resist shocks, vibrations, and water. They are ideal for applications that require reliability and robustness, such as logistics, manufacturing, or security. Moreover, EviSwap NFC NDEF technology is optimized to exchange the largest quantity of information stored in a large NFC memory. For example, it is possible to store NDEF messages of up to 7.9 kilobytes on an M24LR64E-R chip, which has a capacity of 8 kilobytes. In this case, one can add all types of vCard data as well as security keys, digital signature keys and other custom data.

Cardokey: the anonymous and reusable solution for creating NFC business cards

Cardokey is a secure and reusable solution. The Cardokey app works anonymously. It is not connected to a remote service. It does not store in the phone the data. It does not ask you for any information about the user. Finally, it works in real time in Air Gap Network Security . The EviSwap technology also includes an intelligent system to optimize the memory management of NFC media. The goal is to improve the user experience. The intelligent system informs the user in real time of the limits imposed by the maximum size of the NDEF memory available in the media. This allows you to easily store data according to the memory size.

Cardokey, an eco-friendly application

Cardokey isn’t just a universal app for people worldwide; it’s also eco-friendly, allowing you to recycle NFC media and reduce their environmental impact.

How Cardokey recycles NFC Media

NFC media, such as tags, cards or bracelets, are made of several elements and materials, such as PET (polyethylene terephthalate), aluminum or copper for the antenna, a silicon NFC chip, gold or other metals, and an adhesive. These materials are not all easily recyclable, and can cause pollution or waste problems. For example, PET is a common plastic, that is used in many consumer products, like water bottles or packaging. Although PET is recyclable, when it is used in large quantities and in the form of an NFC tag, it is hard to separate PET from other components for recycling, and it tends to clog the treatment filters. Moreover, the metal of an NFC antenna is difficult to recover and recycle. Finally, the NFC chip itself contains precious metals, that are often lost during the recycling process.

To avoid these problems, Cardokey offers an innovative and ecological solution: it allows you to recycle NFC media by reusing them to create new NFC business cards. Instead of throwing away your old NFC tags, cards or bracelets, you can transform them into NFC business cards with Cardokey, and give them a new life. You can also use existing NFC media, such as transport tickets, or access badges, and convert them into NFC business cards with Cardokey. You can thus enjoy all the benefits of NFC technology, without generating additional waste.

How Cardokey works with different types of NFC chips

Cardokey recycles all types of NFC chips (1, 2, 3, 4 and 5), regardless of ISO standards (14443, 15693, 18092). It detects chip types and adjusts accordingly for maximum compatibility. For example, Cardokey can read and write to NFC chips that have enough memory to store information, such as NTAG, MIFARE or ICODE chips. However, Cardokey will not be able to format, erase or modify NFC chips that are permanently locked.

How Cardokey helps you create personalized NFC business cards

By using Cardokey, you can recycle NFC media and turn them into personalized NFC business cards, that contain the information you want to share, such as your name, company, title, website, email, phone number, and more. You can also create URL links to documents or presentations that are useful for your business, such as quotes, contracts, portfolios, and more. You can also create pre-configured links to your favorite social networks, such as Deviantart, Discord, Facebook, Flickr, GitHub, ICQ, Instagram, LinkedIn, Mastodon, Medium, Pinterest, Reddit, Skype, Slack, Snapchat, SoundCloud, Spotify, Steam, Telegram, TikTok, Tumblr, Twitch, Twitter, VKontakte, WeChat, WhatsApp, YouTube, etc. Finally, you can manage your data and contacts in the NFC card, edit or delete them at any time, and view them on your phone or card.

How Cardokey contributes to the preservation of the planet

If we consider the 14 languages ​​available in the Cardokey application, this represents more than 3.7 billion potential users. These potential users can each recycle 10 NFC media each year. This represents 37 billion NFC supports annually. This reduces the environmental impact of NFC and helps preserve the planet.

How Cardokey is eco-friendly and compliant

Cardokey is an eco-designed solution that contributes to the UN Goal 12. This goal aims to ensure sustainable consumption and production patterns. It complies with ISO 14001, Basel and WEEE standards. It also follows international standards for eco-responsible practices, circular and solidarity economy, sustainable economy and carbon footprint reduction. In addition, Cardokey complies with various standards and regulations. These include ISO/IEC 7816-4, ISO/IEC 14443, NFC Forum Type 2, ISO/IEC 18092 and ISO/IEC 15693. It also follows international law rules on the protection of private and professional data. These include the General Data Protection Regulation (GDPR), the Personal Information Protection and Electronic Documents Act (PIPEDA), the California Consumer Privacy Act (CCPA), and others.

Unlike other NFC business card solutions, which are often paid, limited, complex or not very environmentally friendly, Cardokey offers you a free, unlimited, simple and eco-designed solution.

Cardokey therefore offers you an innovative and ecological solution to create NFC business cards that look like you and that suit your needs. Thanks to its recycling feature, you can also reuse NFC media and turn them into personalized NFC business cards.

Cardokey: a universal app

Cardokey is designed to let you create and manage your NFC business cards in a simple and efficient way. But did you know that Cardokey is also a universal app, which can be used by people from all over the world, regardless of their language?
Indeed, Cardokey is available in 14 languages: Arabic, Catalan, Chinese, English, French, German, Hindi, Italian, Japanese, Portuguese, Romanian, Russian, Spanish, and Ukrainian. This represents more than 86.02% of the languages spoken in the world, and more than 3.7 billion people who can use the app in their native language or in a language they master.

Moreover, Cardokey automatically adapts to the language of the phone where it is installed. If the user changes the language of their phone, Cardokey will do the same. Thus, you can create and manage your NFC business cards in the language of your choice, and enjoy all the features of the app.

You can also choose to share your information in multiple languages, by creating different profiles for each language. For example, you can have a profile in French for your French-speaking contacts, a profile in English for your English-speaking contacts, and a profile in Chinese for your Chinese contacts.

Cardokey offers you great flexibility and creativity to create NFC business cards that suit you and your needs.

How NFC vCards work

NFC stands for Near Field Communication. It is a technology that allows two media to communicate with each other when they are close to each other. NFC business cards with Cardokey use this technology to share your contact information in a simple and fast way.

An NFC tag is a media that contains a tiny electronic chip that can store and exchange data. It can have different shapes, such as stickers, keychains or physical cards. When you bring your smartphone near an NFC tag, the data associated with the tag appears automatically on your screen.

NFC vCard business cards with Cardokey are a great alternative to paper business cards, which are often thrown away, lost or outdated. They are eco-friendly, reusable and updated. They also save you time and money, as you don’t need to print or carry them. Moreover, they are more secure and anonymous, as you don’t need to share your personal data or connect to the Internet to use them.

What are the features of Cardokey NFC vCard business cards?

Cardokey offers many features that allow you to create and manage your NFC digital business cards. Here’s a table that summarizes Cardokey’s features:

Function Available
Create a vCard (contact) taking into account the available space ✔️
Create an NDEF NFC Vcard (Manually) ✔️
Create a vCard from an existing contact in the phone ✔️
Modify any existing NFC vCard created by other paid or free apps to make it easier to recycle and update them ✔️
Delete data stored in the NDEF of an NFC media ✔️
Format all types of NFC media to add NDEF compatibility ✔️
Create and store in the NDEF memory of any existing NFC media: your pre-configured links for social networks, the url of your choice, a vCard contact ✔️
Data management in the NFC Media: Create, Read, Update, Delete (CRUD) ✔️
Explanation of each pcictogram and its feature in the application ✔️
Show contact on phone and NFC Media ✔️
Automatic management of the memory size of the NFC card ✔️
Translation into 14 languages: CA, FR, EN, UK, ES, DE, IT, PT, RO, RU, AR, HI, ZH,JP ✔️
Information de contact de Freemindtronic ✔️
Information about the publisher of the Freemindtronic software ✔️
Direct link on the play store to buy the Cardokey Pro version and NFC Medial ✔️
Cardokey is a recycling solution for all types of disposable or non-disposable NFC Media ✔️

 

With these features, you can create a custom NFC business card, which contains the information you want to share, such as your name, company, title, website, email, phone number, and more. You can also create URL links to documents or presentations that are useful for your business, such as quotes, contracts, portfolios, and more. You can also create pre-configured links to your favorite social networks, such as Deviantart, Discord, Facebook, Flickr, GitHub, ICQ, Instagram, LinkedIn, Mastodon, Medium, Pinterest, Reddit, Skype, Slack, Snapchat, SoundCloud, Spotify, Steam, Telegram, TikTok, Tumblr, Twitch, Twitter, VKontakte, WeChat, WhatsApp, YouTube, etc. Finally, you can manage your data and contacts in the NFC card, edit or delete them at any time, and view them on your phone or card. These features give you a lot of freedom and creativity to create NFC business cards that look and match you.

What are the use cases for NFC business cards with Cardokey?

There are many of them, whether for business or personal needs. Here are some examples of use cases:

Andorra: keep in memory a special event

During the winter, a family visits Andorra’s Granvalira for their child’s first ski lesson and to experience their first snowflake, star, etc. The family keeps the NFC ski ticket formatted in NDEF format. Then, they save a URL that links to a page with all the photos and videos of this event. The ski ticket has become a souvenir object that will be kept for several years. In this case, Cardokey allows you to create an NFC business card with a URL that links to a page where there are all the photos, videos of this event.

Exhibitor: a connected poster with NFC tags

At a booth event, Marius uses self-adhesive NFC tags that they stick behind a poster holder advertising their products with a URL link that directs the visitor to their product information on the poster. The exhibitor can change the poster of his support with Cardokey. He can put a new poster and change the URL link of his new poster. This way, the exhibitor makes a simple poster a connected poster. In this case, Cardokey allows you to create an NFC business card with a URL link that directs the visitor to your product information on the poster.

Goodies: Offer NFC business cards

During a trade show, Mary offers her visitors NFC business cards with her brand as goodies. This allows her to make herself known and retain the loyalty of his potential clients, who will be able to scan her NFC business card with their smartphone to access her website, her LinkedIn profile, her portfolio, etc. Mary can purchase her NFC media from any NFC media e-commerce site or order from Cardokey NFC Cards with an extremely long lifespan of up to 1 million writes and 40 years of vCard retention NFC or URL or network link. In this case, Cardokey allows you to create an NFC vCard with all of Mary’s contact details to offer to her visitors.

Tourist: NFC business cards in different languages

While traveling abroad, Tao uses Cardokey to create his NFC business card with his contact details in his native language. This allows him to easily introduce himself to the people he meets. In fact, they will be able to scan his vcard with their smartphone to see the information translated into their language. He can also use Cardokey to save URL links to websites or applications useful for his trip, such as tourist guides, maps, booking services, etc. In this case, Cardokey allows you to create an NFC business card with your contact details in your native language.

Family: An NFC business card collecting memories

During a family reunion, a family member uses Cardokey to store links to photos and memories on NFC media. Before leaving each other, everyone takes their NFC media. Later, they will be able to relive their life moments with their loved ones, who will simply scan the NFC vcards with their smartphone to view their images, videos, messages, etc. They will also be able to use Cardokey to create URL links to websites or applications that are important to them, such as associations, causes, passions, etc. In this case, Cardokey allows you to create an NFC business card with your photos and memories.

How to download and install Cardokey?

To use Cardokey, you need an NFC-enabled smartphone, i.e. one that has an NFC chip and can read and write NFC data. Most recent smartphones are NFC-enabled, but you can check your smartphone’s compatibility on the Cardokey website.

Cardokey is available in 14 languages (Arabic, Catalan, Chinese, German, English, French, Hindi, Italian, Japanese, Portuguese, Romanian, Russian, Ukrainian). You can download it in any country that accepts the Google play store or app store platform.

To download and install Cardokey on your smartphone, all you need to do is follow these steps:

  • Go to the Google Play Store or App Store and search for “Cardokey”.
  • Select the app and click “Install”.
  • Open the app and agree to the terms of use.
  • Start creating your NFC business cards!

If you are interested in Cardokey, feel free to download it now by clicking on the following link:

In short

Cardokey is a free, user-friendly, eco-conscious app compliant with global privacy and data protection laws. It allows you to create NFC vCard business cards for all Android and iPhone NFC phones. It also lets you reuse and customize NFC media.

Cardokey is the NFC business card that connects you without revealing you. It lets you exchange your contact details without contact and without paper. It offers you a free, unlimited, simple and eco-designed solution.

Definition of technical terms:

  • NFC (Near Field Communication): a technology that allows two devices to communicate with each other when they are close to each other.
  • NDEF (NFC Data Exchange Format): a standard format for storing and exchanging data on NFC media.
  • vCard: a digital format for storing and sharing contact information, such as name, phone number, email address, etc.
  • Air Gap

Brute Force Attacks: What They Are and How to Protect Yourself

Brute Force Attacks Cyber Attack Guide
brute force attacks by Jacques Gascuel: This article will be updated with any new information on the topic.

Everything You Need to Know About Brute-force Attacks

80% of cyberattacks are brute force attacks. This technique tests all combinations to find a system’s password, key, or URL. These attacks threaten the security of your data. How to protect yourself? What tools and practices should be adopted? This article explains.

2024 Digital Security

PrintListener: How to Betray Fingerprints

2024 Articles Digital Security News

BitLocker Security: Safeguarding Against Cyberattacks

2024 Digital Security Spying

Ivanti Zero-Day Flaws: Comprehensive Guide to Secure Your Systems Now

2024 Articles Digital Security News Spying

How to protect yourself from stalkerware on any phone

2024 Articles Digital Security EviPass Password

Human Limitations in Strong Passwords Creation

2024 Articles Digital Security EviKey NFC HSM EviPass News SSH

Terrapin attack: How to Protect Yourself from this New Threat to SSH Security

2024 Articles Digital Security News Phishing

Google OAuth2 security flaw: How to Protect Yourself from Hackers

Brute-force Attacks: A Comprehensive Guide to Understand and Prevent Them

Brute Force: danger and protection 80% of cyberattacks are brute force attacks. This technique tests all combinations to find the password, key, URL or hash of a system. These attacks threaten the security of your data. How to protect yourself? What tools and practices to adopt? This article explains:

  • Brute force types and methods : they vary according to the hackers’ method, the intrusion level and the application domain.
  • Brute force on electronic components : physical or electrical techniques are used to target chips or boards.
  • Brute force on passwords, keys, URLs and hashes : software or network techniques are used to access websites, online accounts, encrypted files, etc.
  • Brute force on phone systems : code or key techniques are used to hack landlines, mobiles or VoIP services.
  • Protection from brute force on devices and domains : encryption, authentication, masking, verification or correction techniques can help you strengthen your security.
  • Resistance evaluation of products or services to brute force : a scoring model based on the attack type and severity can help you assess the risk.

Types and Methods of Brute-force Attacks

There are several types and methods of brute force attacks, depending on the hackers’ method, the level of intrusion, and the domain of application.

Hackers’ Method

Hackers can use different methods to perform brute force attacks, depending on the type of data they want to obtain or modify. Here are the most common ones:

  • Simple brute force attacks: hackers try to guess the password of a user without using software, based on personal information or common passwords. These attacks work against users who have weak and easy-to-guess passwords, such as “password”, “1234567890”, or “qwerty”.
  • Dictionary attacks: hackers use software that tries passwords from a predefined list of common words, such as those from a dictionary or a database. These attacks are faster than simple ones but less effective against complex and random passwords.
  • Hybrid brute force attacks: hackers combine the previous two methods by adding variations to the dictionary words, such as numbers, symbols, or capital letters. These attacks are more sophisticated and can crack more robust passwords but they take more time and resources.
  • Reverse brute force attacks: hackers target the username rather than the password, assuming that the password is easier to guess or obtain by other means. These attacks are useful to access accounts that use the same username on multiple sites or services.
  • Distributed brute force attacks: hackers use multiple computers or devices connected to the Internet to perform brute force attacks simultaneously on the same target. These attacks are more powerful and harder to detect because they distribute the load and avoid security measures such as attempt limits or IP blocks.
  • Non-invasive faster than brute force attacks: hackers exploit weaknesses in the design or implementation of a system to reduce the number of combinations to test to find a secret information. For example, they can use a technique called “side-channel cube attack” to break AES encryption in less than 10 minutes with a laptop.
  • Analogous attacks: hackers use methods similar to brute force attacks but that do not test all possible combinations. For example, they can use a technique called “binary search attack” to guess a PIN code in less than 20 tries by exploiting the system’s response (correct/incorrect).

Level of Intrusion

Brute force attacks can also be classified according to the level of intrusion they involve:

  • Invasive attacks: hackers access physically the system or device they want to hack, using for example a keyboard, a USB stick, or a cable. These attacks are more dangerous because they can bypass software or network protections but they require proximity with the target and a risk of being caught.
  • Non-invasive attacks: hackers do not need to access physically the system or device they want to hack; they do it remotely via Internet or wireless network. These attacks are more discreet and easier to perform but they can be blocked by firewalls, antivirus software or secure protocols.

Domain of Application

Hackers’ objectives and motivations determine the domains where they apply brute force attacks. Here are some examples:

  • The civil domain: Hackers use brute force attacks to access personal or professional accounts such as emails, social networks, online banks or cloud services. They can steal sensitive information, impersonate identities, extort money or harm the reputation of the victims.
  • The defense domain: Hackers compromise national or international security by targeting military, governmental or diplomatic systems with brute force attacks. They can spy, sabotage, destabilize or provoke conflicts between countries.
  • The ethical hacking domain: Hackers test the security of systems or devices with brute force attacks by putting themselves in the attackers’ shoes. They can identify and report flaws, improve protections or train users.
  • The research domain: Hackers advance science and technology by exploring the limits of systems or devices with brute force attacks. They can discover new possibilities, innovate or create new products.

Brute-force Attacks on Electronic Components

Brute force attacks are not limited to passwords or encryption keys. They can also target electronic components that store or process data such as chips or integrated circuit boards. These attacks aim to access encrypted or protected information that is in the hardware using physical or electrical techniques.

Invasive Attacks

Invasive attacks are attacks that require direct access to the hardware and that involve modifying or destroying it. These attacks are often used to reverse engineer or extract data from chips or smart cards. Here are some examples:

  • Decapsulation: this technique consists of removing the outer layer of protection of a chip to expose the silicon and the internal layers. This can be done mechanically or chemically for example with nitric acid.
  • Deprocessing: this technique consists of removing progressively the internal layers of a chip to access the transistors and the connections. This can be done with chemicals lasers or focused ion beams (FIB).
  • Removal of the passivation layer: this technique consists of removing the insulating layer that covers the surface of a chip to allow electrical contact with the bonding wires (the thin connections between the chip and the package).
  • Reverse engineering: this technique consists of analyzing the structure and the functioning of a chip or an integrated circuit board to extract the source code the algorithms or the vulnerabilities.
  • Micro-probing: this technique consists of using micro-probes (metal needles) to connect directly to the internal components of a chip or an integrated circuit board and interfere with the signals or extract data.
  • Instantaneous memory attack: this technique consists of freezing a chip or an integrated circuit board to preserve the data that is in the volatile memory (RAM) after cutting off the power supply. This technique allows bypassing the mechanisms of automatic erasure of sensitive data in case of intrusion attempt.
  • Securing pairing algorithms against physical attacks: this technique consists of protecting pairing algorithms which are used for identity-based encryption against physical attacks that aim to modify the behavior of the hardware. This technique uses mathematical methods to detect and correct errors induced by physical disturbances.

Non-invasive Attacks

Non-invasive attacks are attacks that do not need direct access to the hardware but that use auxiliary or hidden channels to obtain or modify data on chips or integrated circuit boards. These attacks exploit the physical characteristics of the hardware such as power consumption electromagnetic field acoustic noise or temperature. Here are some examples:

  • Side-channel attack: this technique consists of measuring a physical parameter related to the functioning of a chip or an integrated circuit board to deduce information about the operations it performs or the data it processes. For example it is possible to guess an encryption key by analyzing the power consumption of a chip while it encrypts or decrypts a message.
  • Fault injection attack: this technique consists of provoking an error in the functioning of a chip or an integrated circuit board by sending it an abnormal signal such as an electric pulse a light wave or ionizing radiation. This technique allows modifying the behavior of the hardware revealing hidden information or bypassing protections.
  • Software flaw attack: this technique consists of exploiting a vulnerability in the software that controls the functioning of a chip or an integrated circuit board to access or modify sensitive data. For example it is possible to take control of a router by using a flaw in its firmware (the internal software that controls the functioning of the hardware).
  • Hidden channel attack: this technique consists of exploiting information that is not directly related to the functioning of the targeted system such as noise temperature or time. For example it is possible to guess the PIN code of a phone by listening to the sound produced by the keys when entering it.

Brute-force Attacks on Passwords Encryption Keys Hidden URLs and Hashes

Passwords encryption keys hidden URLs and hashes are data that serve to protect access or confidentiality of information on Internet. Hackers can try to guess them using brute force attacks which consist in testing all possible combinations until they find the right one. These attacks can have serious consequences such as identity theft account hijacking message decryption or website hacking.

Attacks on Passwords

Passwords are secret codes that users enter to authenticate on a website or an online service. Hackers can try to guess them using brute force attacks simple dictionary hybrid reverse or distributed as we have seen previously. These attacks can allow hackers to access users’ accounts and steal their personal financial or

professional information. To protect themselves from these attacks, users should choose strong and unique passwords, use a password manager, enable two-factor authentication, and avoid phishing emails.

Attacks on Encryption Keys

Encryption keys are data that are used to encrypt or decrypt messages or files. They can be symmetric (the same key is used for encryption and decryption) or asymmetric (two different keys are used: a public key for encryption and a private key for decryption). Hackers can try to guess them using brute force attacks simple or distributed, by testing all possible combinations until they find the right one. These attacks can allow hackers to read or modify confidential messages or files.

To protect themselves from these attacks, users should choose long and random encryption keys, use secure encryption algorithms, do not disclose or store their encryption keys in insecure places, and use secure protocols to exchange their encryption keys with their correspondents, such as the Diffie-Hellman protocol or the SSL/TLS protocol.

Another type of brute force attack targets the data stored in the volatile memory of devices, such as computers and phones. Volatile memory is a type of memory that loses its content when the power supply is cut off. This makes it vulnerable to brute force attacks that aim to extract sensitive data from it, using physical or software techniques. In this section, we will explain what are brute force attacks on volatile memory, how they work, what are the risks and how to prevent them.

Tools for brute force attacks

There are many tools available for brute force attacks on different protocols or services. Some are used for malicious purposes, others for penetration testing or security audit. Here is a non-exhaustive list of tools for brute force attacks:

  • Hashcat: Hashcat claims to be the world’s fastest and most advanced password recovery tool based on CPU. It supports five unique modes of attack for over 300 optimized hashing algorithms.
  • Flipper Zero: a multifunctional device that allows you to perform brute force attacks on RFID, NFC, Bluetooth systems, etc.
  • Gobuster: a tool written in Go that allows you to perform brute force attacks on web directories, DNS subdomains, S3 buckets or virtual hosts.
  • BruteX: a shell-based tool that allows you to perform brute force attacks on different services such as FTP, SSH, Telnet, RDP, VNC, etc.
  • Dirsearch: a tool written in Python that allows you to perform brute force attacks on web directories and files.
  • Callow: a tool written in C# that allows you to perform brute force attacks on web forms.
  • SSB: a tool written in Perl that allows you to perform brute force attacks on SMTP servers.
  • THC-Hydra: a popular tool that allows you to perform brute force attacks on more than 50 protocols such as HTTP, HTTPS, FTP, SSH, Telnet, SMB, etc.
  • Burp Suite: a suite of tools that allows you to perform penetration testing on web applications, including brute force attacks on web forms or HTTP parameters.
  • Patator: a tool written in Python that allows you to perform modular brute force attacks on different services such as HTTP, FTP, SSH, SMTP, etc.
  • Pydictor: a tool written in Python that allows you to generate custom lists for brute force or dictionary attacks.
  • Ncrack: a tool that allows you to perform fast and flexible brute force attacks on different services such as RDP, SSH, Telnet, HTTP(S), POP3(S), etc.

Brute force attacks on volatile memory: a data security risk

Volatile memory is a type of memory that loses its content when the power supply is cut off. This is the case for the random access memory (RAM) of computers and phones, which temporarily stores data and programs that are running. Volatile memory has an advantage: it erases the traces of computer activity in case of power outage or system shutdown. But it also has a drawback: it can be targeted by brute force attacks aiming to recover the sensitive data it contains.

A brute force attack is a method that consists of testing all possible combinations of a password, an encryption key or an access code, until finding the right one. Brute force attacks can be performed using specialized software, which exploits the computing power of computers or networks of machines. Brute force attacks can take a lot of time, depending on the complexity and length of the password, key or code to guess.

Brute force attacks on volatile memory are attacks that aim to extract data stored in the RAM of a computer or a phone, using physical or software techniques. For example, it is possible to cool down the RAM with liquid nitrogen, which allows to preserve its content for a few minutes after the system shutdown. It is then possible to transfer the RAM to another device, and use a brute force software to decrypt the data it contains. It is also possible to use malicious software that infiltrates the system and accesses the RAM, bypassing software or hardware protections.

Brute force attacks on volatile memory pose a risk for data security, because they can allow hackers to access confidential information, such as passwords, encryption keys, personal or professional data, etc. These information can then be used to compromise other systems or services, or to extort the victims. To protect against these attacks, it is recommended to use passwords or keys that are long and complex enough, to encrypt data stored in the RAM, and to update software and hardware to benefit from the latest security measures.

To sum up, brute force attacks on volatile memory are a serious threat for data security, as they can allow hackers to access confidential information, such as passwords, encryption keys, personal or professional data, etc. These information can then be used to compromise other systems or services, or to extort the victims. To protect against these attacks, it is recommended to use passwords or keys that are long and complex enough, to encrypt data stored in the RAM, and to update software and hardware to benefit from the latest security measures.

Attacks on Hidden URLs

Hidden URLs are web addresses that are hidden or modified to avoid being easily accessible or identifiable. They can be used to protect the privacy or security of a website or an online service. For example, a website may use a hidden URL to prevent being indexed by search engines or targeted by hackers. Hackers can try to guess them using brute force attacks simple or distributed, by testing all possible combinations until they find the right one. These attacks can allow hackers to access hidden or forbidden websites, such as illegal, malicious, or sensitive websites.

To protect themselves from these attacks, users should choose long, complex, and random hidden URLs, do not use predictable or easy-to-guess hidden URLs, do not share or publish their hidden URLs with other people or on other websites, and use encryption or authentication techniques to enhance the security of their hidden URLs.

Attacks on Hashes

Hashes are data that result from applying a mathematical function to a message or a file. They are used to verify the integrity or authenticity of a message or a file, by comparing it to the original hash. They can also be used to store passwords securely, by transforming them into irreversible hashes. Hackers can try to guess them using brute force attacks simple, dictionary, or hybrid, by testing all possible combinations until they find the right hash. These attacks can allow hackers to falsify or reveal messages or files.

To protect themselves from these attacks, users should choose secure hashing functions that do not have collisions (two different messages that produce the same hash) or preimages (a message that produces a given hash), use salting (adding a random data to the message before hashing) or peppering (adding a secret data to the message before hashing) techniques to make hashes more resistant to brute force attacks, do not store or transmit their hashes in insecure places, and use secure protocols to exchange their hashes with their correspondents, such as the HMAC protocol or the SSL/TLS protocol.

Brute-force Attacks on Phone Systems

Phone systems are devices that allow communication by voice or text, such as landlines, mobile phones (smartphones), or VoIP services. Hackers can try to hack them using brute-force attacks that consist of guessing codes or keys. These attacks can allow hackers to access data or services of a phone system, such as contacts, messages, calls, payments, or subscriptions.

Attacks on PIN Codes

PIN codes are secret codes of four digits that are used to unlock a mobile phone or a SIM card. Hackers can try to guess them using brute force attacks simple or analogous by testing all possible combinations until they find the right one. These attacks can allow hackers to access data or services of the mobile phone or the SIM card.

To protect themselves from these attacks users should choose random and unpredictable PIN codes that do not contain numerical sequences easy to guess such as “0000” “1234” or “4321”. They should not write or share their PIN codes with other people. They should activate the function of automatic locking of the mobile phone or the SIM card after a certain number of unsuccessful attempts. They should activate the function of automatic reset of the mobile phone or the SIM card after a certain number of unsuccessful attempts.

Attacks on IMEI Codes

IMEI codes are unique codes of 15 digits that identify a mobile phone. They are used to block a mobile phone in case of theft or loss. Hackers can try to guess them using brute force attacks simple or distributed by testing all possible combinations until they find the right one. These attacks can allow hackers to unlock a stolen or lost mobile phone and use it for malicious purposes such as making fraudulent calls sending unwanted messages or accessing personal data of the owner.

To protect themselves from these attacks users should note their IMEI codes and keep them in a safe place. They should not disclose their IMEI codes to unknown or suspicious people. They should report the loss or theft of their mobile phone to their operator and request the blocking of their IMEI codes. They should use a service of location or remote locking of their mobile phone in case of loss or theft.

Attacks BrutePrint

You will surely be amazed by our discoveries! These systems verify your identity on smartphones and other devices by using the unique patterns of your finger. But is their security level? In this study, we explore the weaknesses of these systems and how various actors, from cybercriminals to sovereign entities, can exploit them. We looked at 25 techniques for corrupting fingerprint authentication systems. We will also introduce an effective dual-use defense solution: DataShielder HSM solutions to protect your secrets and sensitive data even if this biometric authentication system becomes compromised. Click is here for more information Attacks BrutePrint.

Evaluation of Products or Services Resistance to Brute-force Attacks

To evaluate the resistance of products or services to brute force attacks we can use a scoring model based on the type and severity of possible attacks. The scoring model can be as follows:

  • For each product or service we identify the possible types of brute force attacks that can target it such as passwords encryption keys hidden URLs hashes PIN codes or IMEI codes.
  • For each type of brute force attack we assign a score from 1 to 5 according to the severity of the attack. The score can be based on the following criteria: the complexity of the attack the time required to perform the attack the impact of the attack on the confidentiality integrity or availability of the data or service and the likelihood of the attack to succeed.
  • We calculate the average score for each product or service by adding up the scores for each type of brute force attack and dividing by the number of types. The lower the score the more resistant the product or service is to brute force attacks.

For example let’s consider two products: a web application and a smartphone. The possible types of brute force attacks and their scores are as follows:

Type of brute-force attack Web application Smartphone
Passwords 3 2
Encryption keys 4 3
Hidden URLs 2 N/A
Hashes 3 N/A
PIN codes N/A 2
IMEI codes N/A 4

The average score for the web application is (3 + 4 + 2 + 3) / 4 = 3. The average score for the smartphone is (2 + 3 + 2 + 4) / 4 = 2.75. Therefore, according to this scoring model, the smartphone is more resistant to brute force attacks than the web application.

Statistics on brute force attacks

Brute force attacks are common and effective methods used by hackers to access systems protected by passwords or encryption keys. According to the IBM Cost of a Data Breach 2022 report, stolen or compromised credentials are the leading cause of data breaches and cost an average of $4.35 million to businesses worldwide in 2021. Brute force attacks are also increasing with the health crisis, which has encouraged remote work and online services. According to Cloudflare, the number of brute force attacks on RDP and SSH protocols increased by 400% between March and April 2020.

The duration and difficulty of a brute force attack depend on the length and complexity of the password or key to guess. According to Cloudflare, a seven-character password would take, at a rate of 15 million keystrokes per second, 9 minutes to crack. An eight-character password would take 4 hours, a nine-character password would take 8 days, and a ten-character password would take 463 days. It is therefore essential to use passwords or keys that are long and random enough to resist brute force attacks.

Real Cases of Brute-force Attacks

Brute force attacks are not only theoretical methods, but also real threats that have affected various domains, such as finance, health, politics, etc. In this section, we will present some examples of brute force attacks that have taken place in recent years, and show their consequences and lessons.

Brute force attacks on financial institutions

Financial institutions are often targeted by brute force attacks, as they store sensitive data and money. For instance, in 2019, a group of hackers used brute force attacks to access the online banking systems of several banks in Eastern Europe and Central Asia. They stole over $100 million from more than 40,000 accounts. The hackers used a software called Cobalt Strike, which allowed them to remotely control the infected computers and launch brute force attacks on the banks’ servers. They also used a technique called “ATM cash-out”, which enabled them to withdraw money from ATMs without using cards.

This case shows the importance of using strong passwords and encryption keys for online banking systems, as well as updating the software and hardware to prevent malware infections. It also shows the need for monitoring and alerting mechanisms to detect and stop brute force attacks in real time.

Brute force attacks on health systems

Health systems are also vulnerable to brute force attacks, as they store personal and medical data that can be used for identity theft or blackmail. For example, in 2020, a hacker group called Maze used brute force attacks to breach the network of Fresenius, Europe’s largest private hospital operator. They encrypted the data and demanded a ransom for its release. The attack affected the hospital’s operations and patient care, as well as its subsidiaries that produce dialysis products and blood transfusion devices.

This case illustrates the impact of brute force attacks on human lives and health services. It also highlights the need for securing the network and data of health systems, as well as having backup and recovery plans in case of an attack.

Brute force attacks on political systems

Political systems are not immune to brute force attacks, as they can influence the outcome of elections or policies. For instance, in 2016, a hacker group called Fancy Bear used brute force attacks to access the email accounts of several members of the Democratic National Committee (DNC) in the United States. They leaked the emails to WikiLeaks, which published them online. The leaked emails revealed internal conflicts and controversies within the DNC, and damaged the reputation of Hillary Clinton, who was running for president against Donald Trump.

This case demonstrates the power of brute force attacks to manipulate public opinion and interfere with democratic processes. It also underscores the need for protecting the email accounts and communications of political actors, as well as educating the public about cyber threats and misinformation.

How to Prevent Brute-force Attacks

Brute force attacks are a serious threat to the security and privacy of users, systems, and devices. Therefore, it is important to take preventive measures to avoid or mitigate their impact. Here are some general tips to prevent brute force attacks:

  • Use strong and unique passwords, encryption keys, hidden URLs, hashes, PIN codes, and IMEI codes. They should be long, complex, and random, containing letters, numbers, and symbols. They should not be based on personal or predictable information, such as names, dates, or phone numbers.
  • Use secure encryption algorithms and hashing functions. They should not have known or exploitable flaws or weaknesses, such as collisions or preimages. They should have enough entropy (degree of unpredictability) to resist brute force attacks.
  • Use secure protocols and techniques to exchange and store data. They should provide encryption, authentication, verification, correction, masking, or salting features. They should use secure channels and devices to transmit and store data.
  • Use security software and hardware to protect systems and devices. They should include firewalls, antivirus software, sensors, or locks. They should detect and block brute force attacks or trigger self-destruction or data erasure mechanisms.
  • Use ethical hacking and research to test and improve the security of systems and devices. They should identify and report vulnerabilities, flaws, or weaknesses. They should provide solutions, innovations, or products to enhance the security of systems and devices.

In conclusion

In this article, we have explored the topic of brute force attacks, also known as trial-and-error or exhaustive attacks. We have seen that brute force attacks are methods used by hackers to access systems protected by passwords or encryption keys, by testing all possible combinations until finding the right one. We have also seen that there are different types and methods of brute force attacks, depending on the hackers’ method, the level of intrusion, the domain of application and the tools used. We have focused on some specific types of brute force attacks, such as those on electronic components, passwords, encryption keys, hidden URLs, hashes and phone systems. We have also evaluated the resistance of products or services to brute force attacks, by presenting some real cases and some criteria to assess the security level. Finally, we have given some tips on how to prevent brute force attacks, by using long and complex passwords or keys, encrypting data, updating software and hardware, and using security tools.

Brute force attacks are a serious threat for data security and privacy, as they can allow hackers to access confidential information, compromise other systems or services, or extort the victims. Therefore, it is essential to be aware of the risks and the solutions to protect yourself from brute force attacks. If you want to learn more about this topic, you can check the sources that we have cited throughout this article.

Are fingerprint systems really secure? How to protect your data and identity against BrutePrint

Fingerprint Systems Really Secure - How to Protect Your Data and Identity
Fingerprint Systems Really Secure by Jacques Gascuel: This article will be updated with any new information on the topic.

Fingerprint Security

You will surely be amazed by our discoveries! These systems verify your identity on smartphones and other devices by using the unique patterns of your finger. But is their security level? In this study, we explore the weaknesses of these systems and how various actors, from cybercriminals to sovereign entities, can exploit them. We looked at 25 techniques for corrupting fingerprint authentication systems. We will also introduce an effective dual-use defense solution: DataShielder HSM solutions to protect your secrets and sensitive data even if this biometric authentication system becomes compromised.

Fingerprint Biometrics: An In-Depth Exploration of Security Mechanisms and Vulnerabilities

It is a widely recognized biometric authentication system for identity verification. In this overview of fingerprint authentication systems, we will explore comprehensively to understand the complex world of fingerprint biometrics. Our goal is to provide a detailed exploration of these systems, their inner workings, vulnerabilities, and countermeasures.

Demystifying Fingerprint Systems: A Thorough Examination

Two fundamental components make up these systems: the fingerprint sensor and the comparison algorithm.:

The Fingerprint Sensor: Where Biometric Data Begins

These systems rely on an essential component: the fingerprint sensor. It captures the finger image and converts it into a digital format. Different types of sensors exist, each with their advantages and disadvantages:

  1. Optical sensors: They use light and a camera to create a high-resolution image.
  2. Capacitive sensors: They use an array of small capacitors to measure the differences in electrical charge between the ridges and valleys.
  3. Ultrasonic sensors: They use sound waves to create a three-dimensional image.
  4. Thermal sensors: They detect the heat emitted by the finger to generate an image.

The Comparison Algorithm: The Gatekeeper of Access

The comparison algorithm is a critical software component that analyzes the captured fingerprint image. Its role is vital:

  • Image Analysis: The algorithm scrutinizes the fingerprint image, extracting its unique features.
  • Template Comparison: It then compares these features to one or more stored templates, serving as reference fingerprints for authorized users.
  • Threshold Criteria: Access is granted if the algorithm determines a significant similarity between the captured image and a stored template, surpassing a predefined threshold. If not, the system considers the fingerprint invalid and denies access.

Fingerprint System Vulnerabilities and Attack Techniques

First, before evaluating attack techniques against fingerprinting systems, let’s explore different attack types, techniques, motivations, and strategies. In our thorough analysis of fingerprint system vulnerabilities, we must acknowledge numerous attack techniques employed by various actors. These techniques, driven by diverse motivations ranging from personal gain to malicious intent, illuminate the complexities of fingerprint system security. We’ve identified a total of twenty-five (25) distinct attack types, categorized into five groups in this study: “Electronic Devices for Biometric Attacks,” “Additional Fingerprint Attacks,” “Advanced Attacks,” “Attacks on Lock Patterns,” and “Attacks on Fingerprint Sensors.”

Attacks on Fingerprint Sensors

Fingerprint sensors, a common biometric authentication method, are vulnerable to several attack types and techniques update 23 february 2024:

ATTACK TYPE TECHNIQUE MOTIVATIONS STRATEGIES
Residual Fingerprint Attack Recovers the smartphone owner’s fingerprint left on surfaces, reproducing it. Identity theft, unauthorized access, or malicious purposes. Exploits traces of fingerprints on surfaces using materials like gelatin, silicone.
Code Injection Attack Injects malicious code to bypass fingerprint sensor security. Compromises device security for data theft or illicit activities. Exploits software vulnerabilities for unauthorized access to biometric data.
False Acceptance Attack The system accepts a fingerprint that doesn’t belong to the authorized user. Identity theft, unauthorized access, or malicious intentions. Can occur due to poor sensor quality, a high tolerance threshold, or similarity between different individuals’ fingerprints.
False Rejection Attack The system rejects a fingerprint that belongs to the authorized user. Identity theft, unauthorized access. Can occur due to poor sensor quality, a low tolerance threshold, environmental changes, or alterations to the user’s fingerprint.
Substitution Attack Tricks the system with an artificial fingerprint. Identity theft or unauthorized access. Can be done using materials like gelatin, silicone, latex, or wax.
Modification Attack Tricks the system with a modified fingerprint. Identity theft or to conceal the user’s identity. Can be done using techniques like gluing, cutting, scraping, or burning.
Impersonation Attack Tricks the system with another user’s fingerprint, either with their consent or by force. Identity theft using force, threats, bribery, or seduction. Uses the fingerprint of another user who has given consent or has been coerced into doing so.
Adversarial Generation Attack Tricks the system with images of fingerprints generated by an adversarial generative adversarial network (GAN). Bypasses liveness detection methods based on deep learning. Mimics the appearance of real fingerprints.
Acoustic Analysis Attack Tricks the system by listening to the sounds emitted by the fingerprint sensor during fingerprint capture. Can reconstruct the fingerprint image from acoustic signals. Use noise cancellation techniques, encrypt acoustic signals, or use liveness detection methods
Partial Print Attack Tricks the system with a partial fingerprint from the registered fingerprint. Increases the false acceptance rate by exploiting the similarity between partial prints of different users. Can use a portion of the registered fingerprint.
Privilege Escalation Attack Exploits vulnerabilities in the operating system or application to obtain higher privileges than those granted by fingerprint authentication Can access sensitive data, manipulate system files, perform unauthorized actions, or bypass security measures Use strong passwords, enforce multi-factor authentication, limit user privileges, patch system vulnerabilities, monitor user activities, and audit logs
Spoofing Attack Imitates a legitimate fingerprint or identity to deceive the system or the user Can gain access, steal information, spread malware, or impersonate someone. Use liveness detection methods, verify the authenticity, avoid trusting unknown sources, and report spoofing attempts
PrintListener: Side-channel Attack Utilizes acoustic signals from finger friction on touchscreens to replicate fingerprints Gain unauthorized access to devices and services protected by fingerprint authentication Implement noise interference, use advanced fingerprint sensors resistant to acoustic analysis, enable multifactor authentication, regularly update security protocols

For more information on new attack type “PrintListener” (a specific acoustic analysis attack), readers are encouraged to explore the detailed article at https://freemindtronic.com/printlistener-technology-fingerprints/.
These attacks expose vulnerabilities in fingerprint sensor technology and underline the need for robust security measures.

Attacks on Lock Patterns (For Lock Screen Authentication)

Lock patterns, often used on mobile devices for screen unlocking, are susceptible to various attack techniques:

ATTACK TYPE TECHNIQUE MOTIVATIONS STRATEGIES
Brute Force Attack Attempts all possible lock pattern combinations. Gains unauthorized device access. Systematically tests different pattern combinations.
Replica Fingerprint Attack Uses a 3D printer to create a replica fingerprint. Unauthorized access or identity theft. Produces a replica for sensor authentication.
Sensor Vulnerabilities Exploits sensor technology vulnerabilities. Compromises device security for malicious purposes. Identifies and exploits sensor technology weaknesses.
BrutePrint Attack Intercepts messages, emulating the fingerprint sensor. Gains unauthorized access, often with hardware components. Exploits communication protocol vulnerabilities.

These attacks target the vulnerabilities in lock pattern authentication and underscore the importance of strong security practices.

Advanced Attacks

Advanced attacks employ sophisticated techniques and technologies to compromise fingerprint systems:

ATTACK TYPE TECHNIQUE MOTIVATIONS STRATEGIES
Presentation Attack Presents manipulated images or counterfeit fingerprints. Espionage, identity theft, or malicious purposes. Crafts counterfeit fingerprints or images to deceive sensors.
Rapid Identification Attack Uses advanced algorithms to swiftly identify fingerprints. Corporate espionage, financial gain, or enhanced security. Quickly identifies fingerprints from extensive datasets.
Digital Footprint Attack Collects and analyzes the online data and activity of the target, using open source intelligence tools or data brokers Can obtain personal information, preferences, habits, or vulnerabilities of the target. Use privacy settings, delete unwanted data, avoid oversharing, and monitor online reputation

These advanced attacks leverage technology and data to compromise fingerprint-based security.

Network-Based Attacks

Network-based attacks are those that target the communication or data transmission between the device and the fingerprint authentication system. These attacks can compromise the integrity, confidentiality, or availability of the biometric data or the user session. In this section, we will discuss four types of network-based attacks: phishing, session hijacking, privilege escalation, and spyware.

ATTACK TYPE TECHNIQUE MOTIVATIONS STRATEGIES
Phishing Attack Technique: Phishing attacks involve sending fraudulent messages to victims, enticing them to click on a link or download an attachment. These malicious payloads may contain code designed to steal their fingerprints or redirect them to a fake website requesting authentication. Motivations: Phishing attacks are motivated by the desire to deceive and manipulate users into revealing their fingerprint data or login credentials. Strategies: Phishing attackers employ various tactics, such as crafting convincing emails, spoofing legitimate websites, and using social engineering to trick users.
Session Hijacking Attack Technique: Session hijacking attacks aim to intercept or impersonate an authenticated user’s session, exploiting communication protocol vulnerabilities or using spyware. Motivations: Session hijacking is typically carried out to gain unauthorized access to sensitive information or systems, often for financial gain or espionage. Strategies: Attackers employ packet sniffing, session token theft, or malware like spyware to compromise and take control of active user sessions.
Spyware Attack Technique: Spyware attacks infect the device with spyware to capture fingerprint data. Motivations: Spyware attacks are driven by the objective of illicitly obtaining biometric data for malicious purposes, such as identity theft or unauthorized access. Strategies: Attackers use spyware to secretly record and transmit fingerprint information, often through backdoors or covert channels, without the victim’s knowledge.
Predator Files Infects Android phones with a spyware application that can access their data, including fingerprint information. Sold to multiple governments for targeting political opponents, journalists, activists, and human rights defenders in over 50 countries. Use spyware detection and removal tools, update system software, avoid downloading untrusted applications, and scan devices regularly

As we can see from the table above, network-based attacks pose a serious threat to fingerprint authentication systems and users’ privacy and security. Therefore, it is essential to implement effective countermeasures and best practices to prevent or mitigate these attacks. In the next section, we will explore another category of attacks: physical attacks.

Electronic Devices for Biometric Attacks

Some electronic devices are designed to target and compromise fingerprint authentication systems. Here are some notable examples:

Device Description Usage STRATEGIES
Cellebrite UFED A portable device capable of extracting, decrypting, and analyzing data from mobile phones, including fingerprint data. Used by law enforcement agencies worldwide. Used by law enforcement agencies to access digital evidence on mobile phones. Applies substances to damage or obscure sensor surfaces.
GrayKey A black box device designed to unlock iPhones protected by passcodes or fingerprints using a “brute force” technique. Sold to law enforcement and government agencies for investigative purposes. Sold to law enforcement and government agencies for investigative purposes to unlock iPhones. Use strong passwords, enable encryption, disable USB access, and update system software.
Chemical Attacks Alters or erases fingerprints on sensors. Prevents identification or creates false identities. Use fingerprint enhancement techniques, verify the authenticity, and use liveness detection methods

These devices pose a high risk to biometric systems because they can allow malicious actors to access sensitive information or bypass security measures. They are moderate to high in ease of execution because they require physical access to the target devices and the use of costly or scarce devices. Their historical success is variable because it depends on the quality of the devices and the security of the biometric systems. They are currently relevant because they are used by various actors, such as government agencies, law enforcement, or hackers, to access biometric data stored on mobile phones or other devices. This comprehensive overview of attack types, techniques, motivations, and strategies is crucial for improving biometric authentication system security.

BrutePrint: A Novel Attack on Fingerprint Systems on Phones

Fingerprint systems on phones are not only vulnerable to spoofing or data breach attacks; they are also exposed to a novel attack called BrutePrint. This attack exploits two zero-day vulnerabilities in the smartphone fingerprint authentication (SFA) framework. BrutePrint allows attackers to bypass the attempt limit and liveness detection mechanisms of fingerprint systems on phones. It also enables them to perform unlimited brute force attacks until finding a matching fingerprint.

How BrutePrint Works

Fingerprint Systems Really Secure : BrutePrint

BrutePrint works by hijacking the fingerprint images captured by the sensor. It applies neural style transfer (NST) to generate valid brute-forcing inputs from arbitrary fingerprint images. BrutePrint also exploits two vulnerabilities in the SFA framework:

  • Cancel-After-Match-Fail (CAMF): this vulnerability allows attackers to cancel the authentication process after a failed attempt. It prevents the system from counting the failed attempts and locking the device.
  • Match-After-Lock (MAL): this vulnerability allows attackers to infer the authentication results even when the device is in “lock mode”. It guides the brute force attack.To perform a BrutePrint attack, attackers need physical access to the phone, a database of fingerprints, and a custom-made circuit board that costs about 15 dollars. The circuit board acts as a middleman between the sensor and the application. It intercepts and manipulates the fingerprint images.

How to Prevent BrutePrint

BrutePrint is a serious threat to phone users who rely on fingerprint systems to protect their devices and data. It shows that fingerprint systems on phones are not as secure as they seem. They need more robust protection mechanisms against brute force attacks. Some of the possible ways to prevent BrutePrint are:

  • Updating the phone’s software: this can help fix the vulnerabilities exploited by BrutePrint and improve the security of the SFA framework.
  • Using multifactor authentication: this can increase the level of security and reduce the risks of spoofing or brute force attacks. It combines fingerprint authentication with another factor, such as a password, a PIN code, a pattern lock screen ,or other trust criteria that allows patented segmented key authentication technology developed by Freemindtronic in Andorra .
  • Use of DataShielder HSM solutions: these are solutions developed by Freemindtronic in Andorra that allow you to create HSM (Hardware Security Module) on any device, without a server or database, to encrypt any type of data. DataShielder HSM solutions also include EviSign technology, which enables advanced electronic signing of documents. DataShielder HSM solutions are notably available in Defense versions, which offer a high level of protection for civil and/or military applications.

Assessing Attack Techniques: Ease of Execution and Current Relevance

In our pursuit of understanding fingerprint system vulnerabilities, it is crucial to assess not only the types and forms of attacks but also their practicality and current relevance. This section provides an in-depth evaluation of each attack technique, considering factors such as the ease of execution, historical success rates, and their present-day applicability.

Attack Techniques Overview

Let’s analyze the spectrum of attack techniques, considering their potential danger, execution simplicity, historical performance, and present-day relevance.

Attack Type Level of Danger Ease of Execution Historical Success Current Relevance
Residual Fingerprint Attack Medium Moderate Variable Ongoing
Code Injection Attack High Moderate Variable Still Relevant
Acoustic Analysis Attack Medium Low Fluctuating Ongoing Concerns
Brute Force Attack High Low Variable Contemporary
Replica Fingerprint Attack Medium Moderate Fluctuating Still Relevant
Sensor Vulnerabilities High Moderate Variable Ongoing Significance
BrutePrint Attack High High Variable Continues to Pose Concerns
Presentation Attack High Moderate Diverse Still Pertinent
Rapid Identification Attack High Low Variable Ongoing Relevance
Digital Footprint Attack High Low Fluctuating Currently Pertinent
Chemical Attacks High Low Variable Ongoing Relevance
Phishing Attack High Moderate Variable Modern Threat
Session Hijacking Attack High Low Variable Ongoing Relevance
Privilege Escalation Attack High Low Variable Remains Significant
Adversarial Generation Attack High Moderate Variable Still in Use
Acoustic Analysis Attack (Revisited) Medium Low Fluctuating Ongoing Concerns
Partial Print Attack Medium Low Variable Currently Relevant
Electronic Devices for Biometric Attacks High Moderate to High Variable Currently Relevant
PrintListener (Specific Acoustic Analysis Attack) High Moderate Emerging Highly Relevant

Understanding the Evaluation:

  • Level of Danger categorizes potential harm as Low, Moderate, or High.
  • Ease of Execution is categorized as Low, Medium, or High.
  • Historical Success highlights fluctuating effectiveness.
  • Current Relevance signifies ongoing concerns in contemporary security landscapes.

By assessing these attack techniques meticulously, we can gauge their practicality, historical significance, and continued relevance.

The type of attack by electronic devices for biometric systems is very dangerous because it can allow malicious actors to access sensitive information or bypass the protections of biometric systems. Its ease of execution is moderate to high, as it requires physical access to target devices and the use of expensive or difficult-to-obtain devices. Its historical success is variable because it depends on the quality of the devices used and the security measures implemented by the biometric systems. It is currently relevant because it is used by government agencies, law enforcement or hackers to access biometric data stored on mobile phones or other devices.

Statistical Insights into Fingerprint Systems

Fingerprint systems have found wide-ranging applications, from law enforcement and border control to banking, healthcare, and education. They are equally popular among consumers who use them to unlock devices or access online services. However, questions linger regarding their reliability and security. Let’s delve into some pertinent statistics:

According to Acuity Market Intelligence, 2018 saw more than 1.5 billion smartphones equipped with fingerprint sensors, constituting 60% of the global market.

The IAFIS Annual Report of 2020 revealed that more than 1.3 billion fingerprint records were stored in national and international databases in 2019.

According to the National Institute of Standards and Technology (NIST), the average false acceptance rate of fingerprint systems in 2018 was 0.08%, marking an 86% decrease compared to 2013.

These statistics shed light on the widespread adoption of fingerprint systems and their improved accuracy over time. Nevertheless, they also underline that these systems, while valuable, are not without their imperfections and can still be susceptible to errors or manipulation.

Real-World Cases of Fingerprint System Corruption: Phone Cases

Fingerprint system corruption can also affect phone users, who rely on fingerprint sensors to unlock their devices or access online services. However, these sensors are not foolproof and can be bypassed or exploited by skilled adversaries. These attacks can result in device theft, data breaches, or other security issues.

Here are some examples of fingerprint system corruption that involve phones:

  • German hacker Jan Krissler, alias Starbug, remarkably unlocked the smartphone of the German Defense Minister Ursula von der Leyen in 2014 using a high-resolution photo of her thumb taken during a press conference. He employed image processing software to enhance the photo’s quality and created a counterfeit fingerprint printed on paper.
  • A terrorist attack at the Istanbul airport killed 45 people and injured more than 200 in 2016. The investigators found that the three suicide bombers used fake fingerprints to enter Turkey and avoid security checks. They copied the fingerprints of other people from stolen or forged documents.
  • Researchers from Tencent Labs and Zhejiang University discovered in 2020 that they could bypass a fingerprint lock on Android smartphones using a brute force attack, that is when a large number of attempts are made to discover a password, code or any other form of security protection.
  • Experts from Cisco Talos created fake fingerprints capable of fooling the sensors of smartphones, tablets and laptops as well as smart locks in 2020, but it took them a lot of effort.
  • A case of identity theft was discovered in France in 2021, involving the use of fake fingerprints to obtain identity cards and driving licenses. The suspects used silicone molds to reproduce the fingerprints of real people, and then glued them on their fingers to fool the biometric sensors.
  • Researchers from the University of Buffalo developed a method in 2021 to create artificial fingerprints from images of fingers. These fingerprints can fool the sensors of smartphones, but also more advanced biometric systems, such as those used by police or airports.
  • A report by Kaspersky revealed in 2021 that banking apps on smartphones are vulnerable to attacks by falsified fingerprints. Attackers can use malware to intercept biometric data from users and use them to access their accounts.

These cases highlight the significant threats posed by fingerprint system corruption to phone users. Therefore, it is important to protect these systems against external and internal threats while integrating advanced technologies to enhance security and reliability.

DataShielder HSM: A Counter-Espionage Solution for Fingerprint System Security

You have learned in the previous sections that fingerprint systems are not foolproof. They can be corrupted by attacks that expose your secrets and sensitive data. To prevent malicious actors from capturing them, you need an effective and reliable encryption solution, even if your phone is compromised.

Freemindtronic, the leader in NFC HSM technologies, designed, developed, published and manufactured DataShielder HSM in Andorra. It is a range of solutions that you need. You can use either EviCore NFC HSM or EviCore HSM OpenPGP technology with DataShielder HSM. It lets you encrypt your data with segmented keys that you generate randomly yourself. The key segments are securely encrypted and stored in different locations. To access your secrets and your sensitive data encrypted in AES 256 quantum, you need to bring all segments together for authentication.

DataShielder HSM has two versions: DataShielder NFC HSM for civil and military use, and DataShielder NFC HSM Defense for sovereign use. DataShielder NFC HSM Defense integrates two technologies: EviCore NFC HSM and EviCore HSM OpenPGP. They allow you to create a hardware security module (HSM) without contact on any medium, without server, without database, totally anonymous, untraceable and undetectable.

DataShielder HSM is a user-friendly and compatible solution with all types of phone, with or without NFC, Android or Apple. It can be used for various purposes, such as securing messaging services, encrypting files or emails, signing documents or transactions, or generating robust passwords.

DataShielder HSM is a counter-espionage solution that enhances the security of fingerprint systems. It protects your data and secrets from unauthorized access, even if your fingerprint is compromised.

Current Trends and Developments in Fingerprint Biometrics

Fingerprint biometrics is a constantly evolving field. It seeks to improve the performance, reliability and security of existing systems. But it also develops new technologies and applications. Here are some current or expected trends and developments in this field.

  • Multimodality: it consists of combining several biometric modalities (fingerprint, face, iris, voice, etc.) to increase the level of security and reduce the risks of error or fraud. For example, some smartphones already offer authentication by fingerprint and facial recognition.
  • Contactless biometrics: it consists of capturing fingerprints without the need to touch a sensor. This technique avoids the problems related to the quality or contamination of fingerprints. And it improves the comfort and hygiene of users. For example, some airports already use contactless scanners to verify the identity of travelers.
  • Behavioral biometrics: it consists of analyzing the behavior of users when they interact with a biometric system. For instance, the way they place their finger on the sensor or the pressure they exert. This technique adds a dynamic factor to identification. And it detects attempts of impersonation or coercion. For example, some banking systems already use behavioral biometrics to reinforce the security of transactions.

Standards and Regulations for Fingerprint Systems

The use of fingerprint systems is subject to standards and regulations. They aim to ensure the quality, compatibility and security of biometric data. These standards and regulations can be established by international, national or sectoral organizations. Here are some examples of standards and regulations applicable to fingerprint systems.

  • The ISO/IEC 19794-2 standard: it defines the format of fingerprint data. It allows to store, exchange and compare fingerprints between different biometric systems. It specifies the technical characteristics, parameters and procedures to be respected to ensure the interoperability of systems.
  • The (EU) 2019/1157 regulation: it concerns the strengthening of the security of identity cards and residence permits issued to citizens of the European Union and their relatives. It provides for the mandatory introduction of two fingerprints in a digital medium integrated into the card. It aims to prevent document fraud and identity theft.
  • The Data Protection Act: it regulates the collection, processing and storage of personal data, including biometric data. It imposes on data controllers to respect the principles of lawfulness, fairness, proportionality, security and limited duration of data. It guarantees to data subjects a right of access, rectification and opposition to their data.

Examples of Good Practices for Fingerprint System Security

Fingerprint systems offer a convenient and effective way to authenticate people. But they are not without risks. It is important to adopt good practices to strengthen the security of fingerprint systems and protect the rights and freedoms of users. Here are some examples of good practices to follow by end users, businesses and governments.

  • For end users: it is recommended not to disclose their fingerprints to third parties, not to use the same finger for different biometric systems, and to check regularly the state of their fingerprints (cuts, burns, etc.) that may affect recognition. It is also advisable to combine fingerprint authentication with another factor, such as a password or a PIN or other trust criteria that allows the patented segmented key authentication technology developed by Freemindtronic in Andorra.
  • For businesses: it is necessary to comply with the applicable regulation on the protection of personal data, and to inform employees or customers about the use and purposes of fingerprint systems. It is also essential to secure biometric data against theft, loss or corruption, by using encryption, pseudonymization or anonymization techniques.
  • For governments: it is essential to define a clear and consistent legal framework on the use of fingerprint systems, taking into account ethical principles, fundamental rights and national security needs. It is also important to promote international cooperation and information exchange between competent authorities, in compliance with existing standards and conventions.

Responses to Attacks

Fingerprint systems can be victims of attacks aimed at bypassing or compromising their operation. These attacks can have serious consequences on the security of people, property or information. It is essential to know how to react in case of successful attack against a fingerprint system. Here are some recommendations to follow in case of incident.

  • Detecting the attack: it consists of identifying the type, origin and extent of the attack, using monitoring, auditing or forensic analysis tools. It is also necessary to assess the potential or actual impact of the attack on the security of the system and users.
  • Containing the attack: it consists of isolating the affected system or the source of the attack, by cutting off network access, disabling the biometric sensor or blocking the user account. It is also necessary to preserve any evidence that may facilitate investigation.
  • Notifying the attack: it consists of informing competent authorities, partners or users concerned by the attack, in compliance with legal and contractual obligations. It is also necessary to communicate on the nature, causes and consequences of the attack, as well as on the measures taken to remedy it.
  • Repairing the attack: it consists of restoring the normal functioning of the fingerprint system, by eliminating the traces of the attack, resetting the settings or replacing the damaged components. It is also necessary to revoke or renew the compromised biometric data, and verify the integrity and security of the system.
  • Preventing the attack: it consists of strengthening the security of the fingerprint system, by applying updates, correcting vulnerabilities or adding layers of protection. It is also necessary to train and raise awareness among users about good practices and risks related to fingerprint systems.

Next Steps for Fingerprint Biometrics Industry

Fingerprint biometrics is a booming field, which offers many opportunities and challenges for industry, society and security. Here are some avenues for reflection on the next steps for this field.

  • Research and development: it consists of continuing efforts to improve the performance, reliability and security of fingerprint systems, but also to explore new applications and technologies. For example, some researchers are working on artificial fingerprints generated by artificial intelligence, which could be used to protect or test biometric systems.
  • Future investments: it consists of supporting the development and deployment of fingerprint systems, by mobilizing financial, human and material resources. For example, according to a market study, the global market for fingerprint systems is expected to reach 8.5 billion dollars in 2025, with an average annual growth rate of 15.66%.
  • Expected innovations: it consists of anticipating the needs and expectations of users, customers and regulators, by offering innovative and adapted solutions. For example, some actors in the sector envisage creating fingerprint systems integrated into human skin, which could offer permanent and inviolable identification.

Conclusion

Fingerprint systems are a convenient and fast way to authenticate users, based on their unique fingerprint patterns. They have many applications in device protection and online service access. However, these systems are not immune to attacks by skilled adversaries, who can manipulate and exploit them. These attacks can lead to unauthorized access, data breaches, and other security issues.

To prevent these threats, users need to be vigilant and enhance security with additional factors, such as PINs, passwords, or patterns. Moreover, regular system updates are crucial to fix emerging vulnerabilities.

Fingerprint systems are still a valuable and common form of authentication. But users must understand their weaknesses and take steps to strengthen system integrity and data protection. One of the possible steps is to use DataShielder HSM solutions, developed by Freemindtronic in Andorra. These solutions allow creating HSM (Hardware Security Module) on any device, without server or database, to encrypt and sign any data. DataShielder HSM solutions also include EviSign technology, which allows electronically signing documents with a legally recognized value. DataShielder HSM solutions are available in different versions, including Defense versions, which offer a high level of protection for civil and military applications.