Hints from Mocana Engineering

By JDavis | 5/31/09 6:51 PM

There is advisory against SSH using AES in CBC mode. Is NanoSSH vulnerable?

Read More >

Hints from Mocana Engineering

By JDavis | 5/14/09 6:27 PM

How much does cryptographic hardware acceleration improve performance?

Read More >

Hints from Mocana Engineering

By JDavis | 5/3/09 6:08 PM

We make consumer and prosumer devices. We recently found a website which shows how to hack-upgrade our $100 device to a $900 device. We only have 8KB of flash available for a boot loader on our digital camera. Should we use a MD5 hash signature to protect the firmware image?

Read More >

Hints from Mocana Engineering

By JDavis | 4/16/09 6:00 PM

Does Mocana implement all RFC REQUIRED, MUST and SHOULD?

Read More >

Hints from Mocana Engineering

By JDavis | 4/5/09 5:51 PM

We’ve noticed during our evaluation that Mocana’s ephemeral key generation is multiple times faster than our key generator. How is this possible? Are the primes weaker with your algorithm?

No, our primes are exactly the same primes -- we just find them faster. We’re using a trick called a prime sieve to find primes faster. The prime sieve allows us to immediately rule out bad prime candidates; multiples of 2, 3, 5, 7, 11, 13, etc. Prime sieves generally take a lot of memory, but we have a clever approach, which requires 0.5% of memory than a normal prime sieve. We employ some other tricks to speed up the process, please see sieve.c and prime.c for more details.

Read More >

Hints from Mocana Engineering

By JDavis | 3/23/09 4:37 PM

I see you’re using only 2 rounds of Rabin-Miller prime test for 1024 bit primes. Is that sufficient? We are reviewing an alternative product that uses 8 rounds.

According to ANSI X9.80, only two rounds are required if followed by a Lucas prime test to find out if a number is a strong prime. Without a Lucas test, all prime candidates should be tested against 50 rounds of Rabin-Miller prime test to be absolutely certain the number is a strong prime. Therefore, the alternative product that’s using 8 rounds is most likely not using enough rounds for strong prime testing. And if you’re using pseudo primes your device’s security could be compromised through automated attacks on your public key.

Read More >

Hints from Mocana Engineering

By JDavis | 3/9/09 4:32 PM

I read somewhere I need calendar time for security. Why? Do I need a special calendar time chip support?

Read More >

Hints from Mocana Engineering

By JDavis | 2/23/09 3:23 PM

What is the difference between an EAP pass-thru authenticator and an EAP standalone authenticator?

Read More >

Hints from Mocana Engineering

By JDavis | 2/6/09 2:30 PM

Can I customize the seeding of Mocana random number generator?

Read More >

Hints from Mocana Engineering

By JDavis | 10/6/08 2:02 PM

"I am using Mocana’s code in several different new device products. How do I optimize Mocana for my various products, and still maintain my one source control tree?"

There are two approaches; within your makefile you can add new targets that set the appropriate flags to optimize Mocana for each target -- this can be messy and painful since you may need to touch several makefiles potentially every makefile; an easier approach to maintain and integrate is to add build rules within Mocana’s common/moptions.h. Note: All Mocana files include moptions.h. For example;

Read More >
COMMENTS