[C9] "IoT & Sigfox security" by Renaud Lifchitz

Author: Renaud Lifchitz (@nono2357)
Language: French
Country: France
Date & time: Thurs. 3 nov - 14:00 to 14:45

During the design, the implementation and the integration of an IoT product, many questions arise about the reliability and security of wireless communications. One of the most used, long-range, IoT protocol, Sigfox, is proprietary with no specification nor security review. We will explain all the internals of this protocol that we have reverse-engineered.
We will discuss in detail the strengths and weaknesses of SigFox about security of transmitted data. Recommendations will be given to integrators and developers using the protocol to harden their security.

Biography: Renaud Lifchitz is a French senior IT security consultant. He has a solid penetration testing, training and research background. His main interests are protocol security (authentication, cryptography, protocol security, information leakage, zero-knowledge proof, RFID security) and number theory. He currently mostly works on wireless protocols security and was speaker for the following international conferences: CCC 2010 (Germany), Hackito Ergo Sum 2010 & 2012 & 2014 (France), DeepSec 2012 (Austria), Shakacon 2012 (USA), 8dot8 2013 (Chile).