https://icedev.pl/
Michał Leszczyński
A minimal, portfolio, sidebar, bootstrap Jekyll theme with responsive web design and focuses on text presentation.
2024-01-29T13:42:56+01:00
Michał Leszczyński
https://icedev.pl/
Jekyll
© 2024 Michał Leszczyński
/assets/img/favicons/favicon.ico
/assets/img/favicons/favicon-96x96.png
Setting up EV Code Signing on Google HSM with FIPS 140-2 Level 2 compliance and attestation proof
2023-03-25T00:00:00+01:00
2023-03-25T00:00:00+01:00
https://icedev.pl/posts/setting-up-ev-code-signing-google-hsm-fips-140-2/
Michał Leszczyński
Many Certificate Authorities had recently tightened the requirements for using EV Code Signing Certificates. The
industry standard is now that you need to either host your certificate’s private key on a physical USB token, or you can
load it to the compliant Hardware Security Module (HSM). However, using a USB dongle would cause a lot of struggle with
the modern Continuous Integration pipelines...
NFC tags with asymmetric cryptography (RSA/ECC) and their advantages
2021-07-19T00:00:00+02:00
2021-07-19T00:00:00+02:00
https://icedev.pl/posts/nfc-tags-with-rsa-ecc-cryptography/
Michał Leszczyński
As of mid 2021, the market of NFC tags is dominated with the solutions that are either using symmetric cryptography (AES) or are missing cryptographic features at all. It is possible to cover lots of possible applications with these products. However, in some cases it is necessary to actually use RSA/ECC in order to provide best security and user experience.
One of the most important features ...
Open-source implementation of Secure Unique NFC Messaging backend
2019-12-29T00:00:00+01:00
2019-12-29T00:00:00+01:00
https://icedev.pl/posts/secure-unique-nfc-messaging-backend/
Michał Leszczyński
NTAG 424 DNA is a new NXP product which features Secure Unique NFC Message. From the user perspective, this is an ordinary NFC Forum Type 4 Tag that could point to some web address after it’s scanned. What is unique about this particular product is that it is able to return a different message (i.e. URL address with variable parameters) each time it gets scanned. A message may feature a read co...
Proof of concept: Over-the-air Top-up with MIFARE DESFire EV1 cards
2019-12-28T00:00:00+01:00
2019-12-28T00:00:00+01:00
https://icedev.pl/posts/over-the-air-nfc-services-mifare/
Michał Leszczyński
When studying MIFARE DESFire EV1 communication, one may notice that these cards offer both secure AES authentication and the Secure Messaging feature. This means that some operations (sometimes) could be performed securely even when there are some untrusted proxies/sniffers between the communication sides (namely the card and the readers).
First, let’s talk a little bit about what are the abo...
Meltdown and Spectre explained: Processor hacking (PL)
2018-03-26T00:00:00+02:00
2018-03-26T00:00:00+02:00
https://icedev.pl/posts/processor-hacking/
Michał Leszczyński
“Processor hacking” blog post series recently published on “Zaufana Trzecia Strona” is an attempt to show a logical string between processor optimizations and existence of Meltdown and Spectre attacks. As per now, these articles are available only in polish. Special thanks for Jarosław Jedynak and Michał Purzyński for their contribution in these articles.
Part 1: Processor optimizations (PL...