<

Paul Rogers

Independent Software Developer (Knoxen)

More than a few years experience in software startups, ocean science research, and taking life one breath at a time.

Past Activities

Paul Rogers
Code BEAM SF 2018
15 Mar 2018
14.40 - 15.25

Is Security on Your Nerves?

Help me HTTPS, you’re my only hope! Then again, maybe not.

In this presentation I’ll show an iPad app that communicates with three Raspberry Pi 3 devices, each controlling a stop light via Elixir and Nerves. So how do we secure the communication such that only the iOS app controls the lights?

We'll look at three RPi3 setups, each identical save one very important, security related difference:

  • no security (http),
  • TLS based security (https),
  • and application layer security (srpc).

We'll discuss why systems based on RSA, initially designed to solve an open system problem, should not be applied in a rote manner to closed system problems. And we'll look at how the Secure Remote Password (SRP) protocol can offer mutually authenticated application layer security that leaves no room for Man-in-the-Middle issues and attacks.

Media

Articles: 1

Is Security on Your Nerves? - SLIDES - Code BEAM SF 2018

Article by Paul Rogers

Slides from Paul Rogers's talk "Is Security on Your Nerves?" - Code BEAM SF 2018

READ MORE

Videos: 1