Author: Matti Aarnio

In cryptography we have things that are proven to be insecure, or proven to be secure, and a big collection of things that are neither.  The PKCS#1 v1.5 signature security happens to be in this kind of middle ground, and …

Proof towards “PKCS#1v1.5 signature is secure” Read More »

Have we really lost the SIM card security? Of course not. Lately news has reported multiple SIM card attacks[1][2][3]. In both of these cases the SIM card lets third parties to do undesirable things because SIM card security is (at …

SIMjacker, WIBattach, All Security Lost? Read More »

The public key system has two accompanying data, the public key and private key. The private key is used to securely create an electronic signature (or decrypt a message). The key is held strictly in the security containment of the …

PKI Security: Smartphone Apps vs. SIM applets Read More »

Latest news on smart card based security solutions tells that once again one vendor has produced low quality firmware for RSA key generation. What makes it even worse is that this hazard was caught up only after cards had been …

ROCA – Vulnerable RSA Key Generation on Some Smart Cards Read More »

Tagged with: ,

What are Advanced Electronic Signatures? An advanced electronic signature (AdES) is an electronic signature that meets the requirements defined by the EU Regulation No 910/2014 on electronic identification and trust services for electronic transactions. This regulation is under a standard …

Advanced Electronic Signatures and Mobile ID Read More »

Tagged with: , , , ,

The motivation of this blog post is to show an estimation of the time to complete a mobile ID transaction using SMS bearer in some mobile network technologies like 2G, 3G, and 4G. The figure below describes the flow of …

Mobile ID SMS Bearer Latency in Some Mobile Network Technologies Read More »

Tagged with:

The research result on October 2015 from Dutch CWI did estimate that actual finding of two messages that collide producing same hash value will be possible in cost in order of $100 000. See our previous: SHA-1 is no longer considered …

SHA-1 Hash Collision Demonstrated – At Predicted Cost Levels Read More »

Methics will be exhibiting the Kiuru MSSP solution for Mobile ID and Mobile Connect Services at the Mobile World Congress 2017. Meet us at the Finland Pavilion, stand 5F31 in Hall 5, where we will be exhibiting the solution. Please reserve a meeting with …

Meet us at MWC2017 Read More »

Tagged with: ,

The AfricaCom is the largest and most influential Africa-focused tech event in the world – the meeting place for those driving Africa’s digital transformation. With the theme: “Economic Development and Social Empowerment through Digital Connectivity”, AfricaCom 2016, aims to elevate …

Methics at AfricaCom 2016 – 15th to 17th November, 2016 Read More »

The “SIM-less” in this context is a collection of all those techniques that do not use a SIM as a secure tamper proof hardware to implement the place for running the secure element function with a precisely known runtime environment. …

SIM-less authentication Read More »