Miro Haller
@mirohaller.bsky.social
PhD student @ UCSD working on applied cryptography https://mirohaller.com
mirohaller.bsky.social
You can find more information on our attacks in my blog post and our paper.

And if you're in Seattle, come say hi at WOOT or USENIX!

Blog post: mirohaller.com/posts/2025/0...
Paper: www.usenix.org/system/files...
mirohaller.bsky.social
Shout out to Fortune Brands Connected Products (which owns Master Lock) for the great disclosure experience. We had an in-depth meeting with them where they provided context on the origin of the vulnerabilities, insights into their design decisions, and updates on the mitigation progress.
mirohaller.bsky.social
The session replay attack is due to a nonce reuse across sessions. The causes for the other attacks were more on the security side (protocol design, access control, buffer overflow).
mirohaller.bsky.social
As smart locks are used in house and hotel doors, attacks on them impact the physical safety of people.
mirohaller.bsky.social
Our WOOT paper went out of disclosure today. We found 5 attacks on the Master Lock D1000 which allow unauthorized unlocking, bypassing access revocation, forging log entries, and causing DoS.

If you're in Seattle, come to our talk given by Chengsong, one of the students I mentored for this paper.
    Attack 1 (session replay): An adversary in physical proximity of the lock (without ever having a valid account on the lock) can record the Bluetooth Low Energy (BLE) communication of a whole session and replay it to repeat all executed commands, including unlocking the lock.
    Attack 2 (exceeding access): Former guests can continue unlocking the lock after their access has been revoked.
    Attack 3 (clock tampering): Malicious guests can adjust the clock time of the smart lock arbitrarily, extending their own access past expiration or locking out all legitimate users.
    Attack 4 (audit log tampering): An adversary that only knows the lock’s identifier (which is advertised over BLE) can upload arbitrary audit events to the telemetry server, and prevent legitimate audit events from being uploaded. Hence, the adversary can hide their own activities.
    Attack 5 (malformed messages): Without valid access, an adversary can send malformed BLE messages to the lock that make it unresponsive or corrupt memory, which results in a Denial of Service (DoS) for authorized users. A malicious authorized user can even leak the memory of the smart lock.
mirohaller.bsky.social
The CAW workshop at Eurocrypt 2025 is just around the corner! Quick reminder that you can sign up (for free) to attend remotely by filling out this form until tomorrow (afternoon CEST): forms.gle/5JUMmYBj9LHW...

The program on the website: caw.cryptanalysis.fun
mirohaller.bsky.social
This year, #CAW offers the option for remote participation to make our Eurocrypt workshop accessible to the members of our community that cannot or prefer not to travel to Madrid.

Register on our website before May 2 (free): caw.cryptanalysis.fun

The updated program is below.
mirohaller.bsky.social
#CAW offers again a few registration waivers. We hope these waivers will help local (grad/undergrad) students to attend our workshop and get a preview of cryptography beyond the classroom and make their first connections to the community.
More info: caw.cryptanalysis.fun#student-regi...
student registration fee waivers

We have funding to cover the registration costs of a few student attendees. To apply, please email the organizers with a short motivation why you want to attend CAW and need funding for doing so until March 21, 2025 AoE.
mirohaller.bsky.social
We will later announce the overall workshop theme, but it will include two excellent invited speakers: Michele Orrù @tumbolia.bsky.social and Carmela Troncoso @carmelatroncoso.bsky.social and end with an audience discussion on the overarching topic.
mirohaller.bsky.social
Talk 9 at #CAW in the session on messaging:
Rolfe Schmidt from @signal.org on "Designing a Post-Quantum Ratchet for Signal Messenger"; seeking feedback on their candidate designs to make the Double Ratchet protocol post-quantum secure.

caw.cryptanalysis.fun
CAW
Cryptographic Applications Workshop
caw.cryptanalysis.fun
mirohaller.bsky.social
Talk 8 at #CAW in the session on messaging:
Phillip Gajland on "Shadofax: Combiners for Deniability"; providing a framework to reason about deniability for hybrid schemes and achieve it for a post-quantum secure AKEM.

caw.cryptanalysis.fun
mirohaller.bsky.social
Talk 7 at #CAW in the session on messaging:
Emma Dauterman on "Designing Secret Recovery in Signal Messenger"; a retrospective on the lessons learned when designing a system to meet real-world constraints.

caw.cryptanalysis.fun
mirohaller.bsky.social
Talk 6 at #CAW in the session on messaging:
Lea Thiemt on "Generic Anonymity Wrapper for Messaging Protocols"; a protocol transformation that achieves forward anonymity and post-compromise anonymity.

caw.cryptanalysis.fun
mirohaller.bsky.social
Talk 5 at #CAW in the session on cryptographic constructions:
Giacomo Fenzi @giacomofenzi.bsky.social on "Linear-Time Accumulation Schemes"; an efficient hash-based building block for proof-carrying data to provide computational integrity in a distributed setting.

caw.cryptanalysis.fun
mirohaller.bsky.social
Talk 4 at #CAW in the session on cryptographic constructions:
Felix Günther on "(Hybrid) Obfuscation and Verifiable Decapsulation"; two concepts to make KEMs more secure in real-world protocols.

caw.cryptanalysis.fun
mirohaller.bsky.social
Talk 3 at #CAW in the session on cryptographic constructions:
Olga Sanina presents "Results from Analyzing and Refining Bluetooth Secure Connections" about modeling and authenticating Bluetooth.

caw.cryptanalysis.fun
mirohaller.bsky.social
Talk 2 at #CAW in the session on large-scale deployed cryptography:
Shai Halevi or Nevine Ebeid (or both) from AWS on "Blockcipher-Based Key Commitment for Nonce-Derived Schemes"; towards the FIPS-compliant deployment of XAES-256-GCM.

caw.cryptanalysis.fun
mirohaller.bsky.social
Talk 1 at #CAW in the session on large-scale deployed cryptography:
Ghous Amjad (Google) on the design and deployment of "RSA Blind Signatures with Public Metadata" in GoogleOne VPN.

caw.cryptanalysis.fun
mirohaller.bsky.social
The preliminary program for the Cryptographic Applications Workshop (CAW) at Eurocrypt'25 is out.
#CAW focuses on the construction and analysis of cryptography built for practice.
This thread gives a quick overview; the full program and abstracts are here: caw.cryptanalysis.fun#program
mirohaller.bsky.social
By the way, any constructive work submitted to RWC is likely a great fit for CAW too :)
mirohaller.bsky.social
Did you get your Eurocrypt decision today? And now either know you'll attend and would like to give an extra talk or need a different reason to go to Madrid?
Then consider submitting a talk on applied, constructive cryptography to CAW. Our call for talks is open until Feb 7.
mirohaller.bsky.social
The 2nd iteration of the Cryptographic Applications Workshop (#CAW) will be at Eurocrypt 2025!

#CAW focuses on the construction and analysis of cryptography built for practice, bridging the gap between research and real-world applications.

Our call for talks is currently open: caw.cryptanalysis.fun
mirohaller.bsky.social
Signing up for the workshop as participants will be over the Eurocrypt conference (eurocrypt.iacr.org/2025)
mirohaller.bsky.social
Our call for talks is open until February 7.

All details are here: caw.cryptanalysis.fun
mirohaller.bsky.social
The main themes of #CAW are:
1. formalizing the security of deployed cryptography,
2. constructing cryptographic primitives and systems for practice, and
3. the industry perspective on deployment and maintenance of cryptography.