Krystian Hebel

Firmware Engineer interested mostly in things omitted from documentation. Jack of all trades, master of none.

Social media profiles

Check GitHub profile


Articles (12)


How to mitigate ROCA TPM vulnerability?

Published at April 17, 2019 ·  9 min read

ROCA vulnerability was discovered (October 2017) in a software library, RSALib, provided by Infineon Technologies. That library is also used in TPM modules. When this vulnerability is present, a pair of prime numbers used for generating RSA keys is chosen from a small subset of all available prime numbers. This results in a great loss of entropy. Details and exact numbers can be found here. Discovering whether TPM is vulnerable All vulnerable keys have the same structure....

Categories: firmware security

Enabling ECC on PC Engines platforms

Published at October 16, 2018 ·  14 min read

In this post I want to share some findings about ECC on PC Engines apu platforms. I’ll try to shortly describe what ECC is, why is it so desired, what problems with enabling this feature were encountered and how to test whether ECC works or not using MemTest86. Introduction Sometimes a bit in RAM changes its value spontaneously due to electrical or magnetic interference. It can be caused by background radiation, cosmic rays or recently attacks using row hammering....

Categories: firmware