Krystian Hebel

Firmware Engineer interested mostly in things omitted from documentation. Jack of all trades, master of none.

Social media profiles

Check GitHub profile

Articles (13)

5 terms every hypervisor developer should know

Published at April 30, 2019 ·  11 min read

This is the first post of a series about developing bare-metal hypervisors. It introduces to Intel's VMX technology, describes interactions between a virtual machine and a hypervisor as well as gives some insight on the control structures required. This post should give some theoretical knowledge base required for the next ones, in which we will implement a basic hypervisor....

Categories: firmware

How to mitigate ROCA TPM vulnerability?

Published at April 17, 2019 ·  9 min read

ROCA vulnerability was discovered (October 2017) in a software library, RSALib, provided by Infineon Technologies. That library is also used in TPM modules. When this vulnerability is present, a pair of prime numbers used for generating RSA keys is chosen from a small subset of all available prime numbers. This results in a great loss of entropy. Details and exact numbers can be found here. Discovering whether TPM is vulnerable All vulnerable keys have the same structure....

Categories: firmware security

Enabling ECC on PC Engines platforms

Published at October 16, 2018 ·  14 min read

In this post I want to share some findings about ECC on PC Engines apu platforms. I’ll try to shortly describe what ECC is, why is it so desired, what problems with enabling this feature were encountered and how to test whether ECC works or not using MemTest86. Introduction Sometimes a bit in RAM changes its value spontaneously due to electrical or magnetic interference. It can be caused by background radiation, cosmic rays or recently attacks using row hammering....

Categories: firmware