Unlike the land, sea, air and space where the laws of physics do not change, cyberspace is a man-made creation that continually changes and evolves - operating securely in this kind of environment requires that we properly manage a wide variety of disciplines.
As always, the team at US-CERT put together another fantastic GFirst conference with great speakers, panelists and security related debate. Our favorite benefit of attending GFirst is meeting with friends and colleagues from past years, and getting to see how fast and strong the GFirst community is growing.
Bill presented Authenticating TCP/IP Before Connection Establishment - How to protect critical infrastructure from cyber-attack when TCP/IP allows connections from anonymous users.
The audience asked thought provoking questions and it was awesome to see enthused interested in BlackRidge's Transport Access Control (TAC). After the presentation was complete, questions ranged from, possible deployment scenarios to how are we overcoming the collision potential with a 32bit token?
Take a look at our solutions page to answer the question on industry deployments and for the 32bit collision question - there are 4.294 Billion possibilities and there is a chance to match two token (aka hash collision) - collisions are minimized in two ways:
1) by the introduction of time in TAC, and
2) by network physics. Network phsyics would require an attacker to flood a TAC protected customer with 4.294 Billion packets to get one collision; but then all they have is a connection. The attacker would still have to navigate the rest of the infrastructure security architecture.
If you thought of other questions, let us know!
If you missed the BlackRidge GFirst presentation, all is not lost. Here it is. We'll let you attempt your own Bill Billings CSO voiceover. Though, if you wanted a personalized discussion, we could try and arrange something.
A big shout out thank you to the GFirst team on inviting BlackRidge to present at the event!
We look forward to our next event.