In the morning I finished figuring out how Vivotek cameras store private keys for AWS KVS streaming. They are encrypted on disk. Disassembling some executables I managed to reverse engineer the encryption keys. Apparently Vivotek things obscurity is security… With the encryption keys we can switch to a custom made solution, while reusing the same certificates as before.
You're upset that an encrypted stream needs encryption keys? And that you need physical access, the binaries themselves, and reverse engineering tools to get them?
I think you'll be surprised to learn you can do the same thing to any program which encrypts data
No, I’m not upset. Private keys are necessary, that’s fine. Vivotek encrypts them additionaly, but stores the encryption keys right next to the encypted data.
One could use TPM chip to store the keys, rather than such useless obscure encryption, which looks secure, but it’s not.
mdavid626 3 hours ago | prev | next [–]
In the morning I finished figuring out
They are encrypted on disk. Apparently Vivotek things obscurity is security… to a custom made solution, You go back, Jack. Do it again.World spinning round and round.