Community Call - FOAM Location Update 6/28


#1

Community Call - FOAM Location Update

The next community call will be on FOAM Location, focusing on our recent milestone of processing and validating a Presence Claim over radio with Plasma and Tendermint :crystal_ball::zap::radio::chains:

:alarm_clock: 9am PST - 12 noon EST - 6pm CET - 10pm CST
:spiral_calendar: Friday 28th of June 2019

Sign up here.

FOAM Location is a permissionless and autonomous network of radios that offer secure location services through time synchronization, independent of centralized sources like GPS. You can read more below about our recent demo where a presence claim was validated across:

  1. Root Chain (Ethereum w Plasma MVP) :chains:
  2. Sidechain (FourthState PlasmaMVP Tendermint) :loop:
  3. Radio (ZoneAnchor Prototype, pictured) :radio:

#2

Rick Dudley (@afdudley) will join the call as a guest. Rick has been invaluable for the development of FOAM Location with his additions and feedback.

Looking forward!


#3

Hi, interested in listening in – how do i get on the call?


#4

We are live!
Join us for the FOAM Location Update Community Call here:


#5

@benfieldk ^ tune in on the YouTube link


#6

I’m just getting to watch this now. I am seeing repeated references to a Private key embedded into a hardware radio. I have serious misgivings about this as I am aware of extensive hardware attacks upon ‘Secret’ hardware designs [1] and I think this is going to end up being a type of security through obscurity.

I am going to challenge this idea and ask the team to consider the repercussions of pre-storing a private key in hardware:

  1. The private key is known to more than one entity.
  2. The private key is by stated design, unchangeable and thus this will make hardware that is not upgradable if a future vulnerability is found.

I also am concerned this could be a step away from using COTS commodity hardware for the radio component.

That being said, I am interested in SDR implementations that are software at the core and extremely upgradable by implementing patches and feature upgrades.

[1] extracting the private key from a trezor
Side channel attacks are not as difficult as many people think. A simple power analysis requires only a simple oscilloscope and that can hardly be called expensive laboratory equipment. You also need basic soldering skills and deep knowledge about the code that is running. It took only a single recording of the computation of the public key, to recover the private key. On the bright side, this simple side channel attack can be mitigated by using constant-time code and as I showed this code does not have to be slow.


#7

I really enjoyed this video and am as excited as ever by this project. Thanks for making the effort to keep everyone updated on your progress, @Ryan_foam–it’s appreciated by many of us.