„True intelligence is not about what you know, but how curious you are.“
Albert einstein
I proudly identify as an autodidact, as I’m not one to attend multi-day courses but rather dedicate numerous hours to self-learning. To me, this involves watching YouTube tutorials, grasping the content, replicating it, and then applying it for my own purposes. This style of learning holds a special allure for me because it allows me to dive deep into topics until I have a comprehensive grasp of them.
I relish the opportunity to delve deeply into subjects, whether it’s programming, network security, or cybersecurity. In my perspective, being a Cybersecurity Consultant requires more than just surface-level knowledge; it demands a thorough understanding of the intricacies of potential attacks and threats. It’s only by comprehending the inner workings of these threats that one can take appropriate and effective countermeasures to safeguard an IT infrastructure.
My autodidactic approach has enabled me to build an extensive knowledge base in the realms of cybersecurity and IT security. I firmly believe that this depth of understanding is the key to devising robust security solutions and protecting businesses from the myriad of digital threats. It’s not just a job for me; it’s also a passion that drives me to continuously learn and evolve in these critical domains.
Technical skills
I would like to provide you with a brief insight into topics and terms that I have either dealt with on a daily basis or have explored extensively in the past. A small sample in text form will follow as proof of understanding.
Cryptography
#Encryption #AsymmetricEncryption #SymmetricEncryption #HybridEncryption #PublicKeyCryptography #PrivateKey #TPM2.0 #BlockchainSecurity #PostQuantumCryptography #EndToEndEncryption #AES #RSAAlgorithm #EllipticCurveCryptography #HashFunctions #DigitalSignature #SSL #VPN #TwoFactorAuthentication #KeyManagement #DiffieHellmanKeyExchange #RSA #ECC #ECDSA #EdDSA #SECP256 #Curve
Generally, two fundamental forms of encryption are distinguished: symmetric and asymmetric. While asymmetric encryption allows for a form of authentication, it is characterized by its comparatively slower speed when compared to symmetric encryption. So quite often both methods are commonly used in combination: Hybrid encryption.
Hybrid encryption is essential in TLS, a widely used protocol for secure digital communication. TLS combines symmetric and asymmetric encryption. Symmetric encryption is fast but requires secure key exchange, while asymmetric encryption, using a public-private key pair, securely exchanges the session key. TLS begins with a handshake to establish the session key, followed by efficient symmetric encryption for data transfer. This hybrid approach ensures data security during online activities, such as browsing and email. Ongoing TLS and hybrid encryption advancements are critical for evolving digital security needs.
Originally, AES-128-ECB was used, but significant vulnerabilities were identified that compromised security. Later, AES-128-CBC was introduced, but theoretical attack vectors were also recognized.
Currently, it is recommended to use AES-128-GCM or even better, AES-256-GCM. These encryption methods provide a higher level of security and are widely used in many security-critical applications. In fact, AES-256-GCM and AES-128-GCM are considered quasi-standards for strong encryption techniques today.
Public Key Infrastructure
#DigitalCertificates #Encryption #Authentication #DigitalSignature #CertificateHierarchy #CertificateIssuer #SSLCertificate #CRL #CSR #KeyPair #RootCertificate #IntermediateCertificate #PublicKey #PrivateKey #CertificatePolicies #IdentityProvider #SingleSignOn #DigitalIdentity #CertificateAuthority #CertificateRevocation #RFC5280 #RFC6960
A PKI (Public Key Infrastructure) is a logical, hierarchical construct. But did you know that there are virtually no defined requirements for how you must design or operate your PKI?
For example, there is a misconception that a Root CA (Root Certificate Authority) must always be the starting point of trust within a PKI. Well, that’s only partially correct. It does begin with a Root CA, but that doesn’t necessarily mean that organizations automatically trust it as the starting point. Trust might as well begin with a subordinate CA, and all CAs above it could be completely disregarded—this is where the term „Trust Anchor“ comes into play. Another misconception is that, for instance, RFC5280 provides precise guidelines on how a certificate or certificate chain should be validated. Upon closer examination (already evident from reading the relevant heading), you’ll notice that RFC lays down specifications for the syntax and semantics of X.509 certificates and CRLs (Certificate Revocation Lists). The most critical aspect of the entire document is actually the ASN.1 structure towards the end.
Have you ever wondered if a Key Usage ‚ContentCommitment‘ in a certificate on an IoT device is rather pointless, or who would consciously enter a PIN to grant access to the private signature key in order to imply non-repudiation?
While recommendations are made for how validation can be conducted, it’s important to note that this guidance is merely indicative in nature. A PKI is subject to a multitude of individual decisions, both on the operator’s side and on the side of those who are expected to trust the PKI. A Certification Policy, for instance, serves to facilitate such decisions with relevant information. In theory, it’s possible to have no PKI governance at all and still issue and use certificates. However, this is uncommon and not advisable.
Computer networks / Hacking
#Firewall #Phishing #DoS #DDoS #ZeroDayExploit #EthicalHacking #Spoofing #Backdoor #Botnet #PacketSniffing #Cybersecurity #ARP Poisining #Wireshark #ettercap #tcpdump #Hping3 #Subnetting #Routing #PolicyBasedRouting #NAT #Nmap #Iptables #DNSPoisoning #WEP #WPA #PPTP #IPSec #Layer3-Switching #VLANs #BurpSuite #Hydra #nkito #skipfish #Dmitry #Sqlmap #Maltego #aircrack-ng #Metasploit
Computing networks have fascinated me for as long as I can remember.
Back during my college days, Trojan horses like SubSeven and BackOrifice were classified as mere trojans. Together with a fellow student, we ventured into all sorts of crazy experiments using them. It was a time of exploration and understanding the depths of networked systems.
Even in today’s advanced era, I still find myself diving deep into network intricacies. For instance, dissecting how a TLS 1.3 handshake unfolds in specific scenarios using tools like Wireshark is both enlightening and essential. Ensuring that the precise cipher suite I’ve configured within my Nginx is indeed in use adds an extra layer of satisfaction.
One of my peculiar interests involves scanning my home network with tools like Nmap. It becomes particularly intriguing when I’m considering exposing a service to the internet. After all, it’s crucial to verify that no ports besides the standard 80 or 443 are inadvertently open. Furthermore, confirming that port 22 genuinely hosts an SSH service, as intended, is paramount.
I have experience and expertise in using security tools and methods, including Hydra, Maltego, Burp Suite, Metasploit, SQLMap, and many others. These tools have allowed me to gain profound insights into the realm of information security, serving to uncover and analyze vulnerabilities in systems. My knowledge spans various aspects of cybersecurity, ranging from penetration testing and vulnerability assessments to identifying and remedying security gaps. I am always committed to understanding current security threats and developing effective countermeasures to safeguard the integrity, confidentiality, and availability of data and systems.
Did you know that the three most common forms of DDoS attacks are as follows? First, there’s the „Ping Flood,“ which can be mitigated by simply disabling or restricting ICMP protocol usage. Then, there’s the „SYN Flood“, which initiates a 3-WAY handshake with a SYN packet but never acknowledges it — a behavior recognized by most modern firewalls. Lastly, there’s the „HTTP Get Flood“ with constantly changing User-Agents in the HTTP header.
Detecting such attacks is more challenging, as they mimic seemingly valid service requests behind a firewall. Closing the corresponding port in response could potentially disrupt a critical business service, resulting in significant financial losses.
The intricacies of network security and hacking continue to be both a challenge and a source of fascination for me.
Coding / Scripting
#Python #C #C++ #PHP #Javascript #Java(read-only) #Bash #Others(read-only)
I do not consider myself an experienced programming expert. Nevertheless, during my studies, I was required to tackle various programming tasks. These included creating an online webshop using PHP, developing a mandatory account management system in C++, as well as using Perl and regular expressions to search for specific terms within a Rich Text Format document.
Nowadays, I use Python much more frequently. This includes automating cryptographic operations or generating JOSE-based payloads for transmission over a REST interface. Another passion of mine is programming my Arduino Uno, using the Arduino IDE and C++.
At home, I have set up home automation that allows for the control of actuators and sensor data collection. This home automation is centrally managed through the iOBroker platform, which is based on Node.js. The corresponding routines had to be implemented in JavaScript, while many elements of home automation are interconnected via MQTT.
I also own a HackRF One, which is a software-defined radio (SDR) transceiver capable of receiving and transmitting signals within a wide frequency spectrum. In this context, GNU Radio Companion is the primary programming environment. Some time ago, I programmed both an FM and an AM demodulator with audio output (also known as a radio) using GNU Radio Companion, which is based on Python but is a visual block programming environment.
During a venture into the DarkNet, I relied on a Bash script to automatically register my hidden service with various search engines. For a writing that article, I had to revisit my PHP and HTML knowledge to complete the task.
So, while I wouldn’t label myself a programming expert, it by no means implies that I don’t regularly and diversely engage in programming.
Uncategorized
#chatGPT #Adobe Lightroom #Shotcut #Insomnia #vscode #XCA #OpenSSL #TorBrowser #openVPN #Ubuntu #Docker #Linode #GitHub #VirtualBox #Wordpress
In addition to my professional challenges, where I consistently use a fixed toolset that includes tools like OpenSSL, Insomnia, or Visual Studio Code, the same applies to my personal life.
Whether I’m enhancing vacation photos to perfection with Adobe Lightroom and then transferring them to the Amazon Cloud or creating a year-end retrospective video from countless mobile videos using Shotcut, many programs and services are my constant companions.
Until recently, I had only heard of WordPress in passing, but now I’ve had the opportunity to use it productively, especially with the valuable assistance of ChatGPT.
During my self-study experiments, I also came across the cloud provider Akamai, formerly Linode, which, in my opinion, offers a rather intuitive user interface, making cloud access accessible in the private sphere as well, be it through virtual machines or preconfigured Docker containers.
Next, I plan to develop my own voice assistant using OpenAI and Python. The API key is already in place, my account is funded, and in theory, I’m ready to get started.
Furthermore, I intend to create my own Amazon Alexa Skill with the integration of ChatGPT to introduce my family to the world of artificial intelligence.
There are countless fascinating possibilities, but unfortunately, we all seem to have too little time.
MOST RECENT TASKS at volkswagen AG
Please understand that due to my confidentiality agreement, I am unable to provide too many details…
My Role in Various Projects
Leading the Plug&Charge Project
One of my major responsibilities has been spearheading the Plug&Charge project, where we employed an agile approach to develop a new cross-corporate IoT-PKI standard system. This system was designed to facilitate the provision of digital certificates and trust stores for MCUs and services associated with vehicles, both directly and indirectly. I’ve been fortunate to collaborate closely with a trusted development partner on this endeavor. Those MCUs find their place in a wide range of applications, from electric vehicles such as the ID.3, ID.4, Porsche Taycan, and Audi eTron to public charging stations like Ionity chargepoints. They are also utilized within private settings, powering devices like the ELLI Wallbox and Porsche charging cables. Additionally, they play a pivotal role in functions like the Mobile Device Key.
Overseeing the OCSP Redesign Project
Another significant project I’ve been involved in is the OCSP (Online Certificate Status Protocol) redesign. Recognizing that the existing OCSP infrastructure falls short of meeting the demands of Volkswagen’s ambitious eMobility initiative, we worked diligently to develop a high-performing and scalable solution that includes the necessary interfaces for automated status reporting.
Managing ETSI LCP Certification for the Volkswagen IoT-PKI
Ensuring compliance and trustworthiness in a digital infrastructure is crucial. My role extended to prepare and adapt essential documents, such as Certificate Policies (CPs), Certificate Practice Statements (CPS), process descriptions, GAP analyses, and more. The goal was to secure TÜV certification for both the PKIs dedicated to vehicle functions, underlining our commitment to delivering quality and reliability to our valued customers.
Active Participation in the Cross-Corporate PKI Steering Committee
I hold a significant position as a voting member within the Cross-Corporate PKI Steering Committee. The committee plays a pivotal role in approving external PKIs, conducting comprehensive evaluations and providing recommendations, reviewing security concepts to ensure secure application, issuance, and renewal of digital certificates, as well as formulating and endorsing essential policies and practice statements. The committee’s endorsement is a prerequisite for the implementation of various projects across different departments.
Offering Cross-Consultation for Subsidiaries and Affiliate Companies
My responsibilities extended beyond the core projects providing technical and PKI-related support to partner companies. This included collaborating with organizations like Hubject GmbH and Electrify America as they build and operate their own PKIs and ecosystems as part of the ISO 15118 implementation.
Representing Volkswagen in International Initiatives
I had the privilege of representing Volkswagen within the CharIn Focus Group, contributing to the realization of a new European V2G (Vehicle-to-Grid) provider. This collaborative effort involves esteemed participants such as Innogy, BMW, Stellaris, BP, Shell, and others, all working towards a sustainable and efficient future in eMobility.
Security Consultation and Support
My role included providing invaluable support to various departments within the organization. I was involved in cross-certification initiatives with major players like Apple and other manufacturers for Mobile Device Key 2.0. Additionally, I was responsible for defining secure processes for certificate provisioning at suppliers/manufacturers (online), establishing secure procedures for the delivery of private keys and certificates at suppliers/manufacturers (offline), and outlining a comprehensive quarantine concept that enables the online renewal of expired certificates under specific conditions.
Prototyping Complex Cryptographic Techniques with Python
A significant part of my work involved the prototyping of complex cryptographic procedures using Python. This included tasks like advanced encryption of contract data packets according to ISO 15118 standards. In these projects, Volkswagen leverages X.509 certificates with ECC (Elliptic Curve Cryptography), Diffie-Hellmann session keys, key derivation, AES-128-CBC, ECDSA, and more. To ensure the utmost reliability, I developed a Python-based test suite for thoroughly verifying all interfaces and cryptographic operations of the IoT standard system.
Continual Learning and Review In addition to my project work, I maintain an ongoing commitment to learning. This includes regularly reviewing RFCs (Request for Comments), ISO standards such as ISO 15118, other industry-specific standards like OCPP (Open Charge Point Protocol), and a plethora of corporate and international guidelines and recommendations, such as those from NIST and BSI.
Currently
I am currently engaged in the design phase of a Crypto-Agile PKI (Public Key Infrastructure) that strives to meet the demands of a true IoT (Internet of Things) PKI.
This endeavor encompasses a wide range of aspects, from the scope of its application to the multitude of potential cryptographic algorithms and various innovative approaches. The landscape of IoT is vast and diverse, spanning across industries and applications, from smart homes and connected vehicles to industrial automation and healthcare.
With this in mind, the design of our Crypto-Agile PKI is being carefully crafted to accommodate this broad spectrum of use cases. It aims to provide a robust and flexible cryptographic framework that can seamlessly adapt to the specific security needs of various IoT deployments. One of the defining characteristics of this PKI is its crypto-agile nature.
In a rapidly evolving cryptographic landscape, the ability to support a multitude of cryptographic algorithms is paramount. The PKI is being engineered to accommodate both established and emerging algorithms, ensuring that it remains resilient and secure in the face of evolving threats.
Furthermore, our design incorporates innovative approaches to address the unique challenges posed by IoT security. This includes exploring novel methods for key management, secure device onboarding, and efficient certificate provisioning tailored to IoT devices, which often operate with resource constraints.
The ultimate goal of this Crypto-Agile PKI is to provide a foundation of trust and security for the burgeoning IoT ecosystem. As IoT devices become increasingly integrated into our daily lives and critical infrastructure, ensuring their security and privacy is of utmost importance.
With a robust, flexible, and innovative PKI, we aim to meet the evolving demands of IoT security and contribute to a safer and more secure connected world.