44CON 2014 - Simple Hardware Sidechannel Attacks for 10 GBP or Less, Joe FitzPatrick
44CON 2014
Joe FitzPatrick
Simple Hardware Sidechannel Attacks for 10GBP or Less
What are Side Channel Attacks?
f(x)=y
x: input
y: output
HOW?
How long does it take?
How much power does it consume?
How does it react to temperature?
How much EMI does it give off?
How does it affect g(), h(), and i()?
How is it affected by x&y?
What does HARDWARE buy us?
Does network latency hide sidechannels?
If not, does it obscure them?
How about software latency?
Often, hardware permits observation with fixed, deterministic latencies
State of the Art Approach
Expensive Scopes ($10k+)
Expensive Probes ($2k+)
Expensive software ($2k+)
Smart People ($?)
Custom software to glue it all together
So what’s wrong with that?
Encryption is complicated
Math is hard
Money is expensive
Hardware SCAs seem too difficult to most people
My Objective?
Side Channel Attacks for every
Man, Woman, and Child
My Objective?
Side Channel Attacks that anyone can understand
and reproduce at home
My Objective?
Side Channel Attacks as part of
Common Core State Standards?
My Target
My Budget
Simplifying Timing Attacks
teh codez
Finally, Some Hardware
Preparing for observation
Time is on your side...

| what matches | test to test time | time increment, us |
|---|---|---|
| null | 19.13 | |
| 0 char | 31.56 | 12.43 |
| 1 char | 32.88 | 1.32 |
| 2 char | 34.18 | 1.3 |
| 3 char | 35.51 | 1.33 |
| 4 char | 36.63 | 1.12 |
But what about the real world?
The 00’s called, they want their DIPs back
The LED Reach-Around Attack
Or just trigger the solenoid...
Easy Fix!
Or is it?
SIMPLE power analysis
State of the Art Approach
Expensive Scopes ($10k+)
Expensive Probes ($2k+)
Expensive software ($2k+)
Smart People ($?)
Custom software to glue it all together
“Cheapskate” approach
Colin O’Flynn - http://www.newae.com/
My Approach
Building a Board
U1 AD9200ARZ 20msps 10-bit A/D converter
U2 AD8130ARMZ differential amplifier
U3 VAT1-S5-D12-SMT 5v to +-12v converter
C1-C8 0603 SMT Capacitor .1uF
C11-16 0805 SMT Capacitor 10uF
R3 0603 SMT resistor 150 ohm
R4 0603 SMT resistor 10 ohm
Rv 0603 SMT resistor 1 ohm
Rg 0603 SMT resistor 100 ohm
Rf1 0603 SMT resistor 1k ohm
$18.50 + shipping!
Alternate Build Options
Differential Amplifier: AD8129 vs. AD8130
Gain setting circuit: Rf=1k Ohm resistor or Rf1=10k Ohm Potentiometer
Voltage Regulator Load: R1=R2= 2.4k Ohm resistors for a dummy load
Alternate Build 2
⅞” Split Key Ring
Key (load tested to 3 keys)
Alternate Build 3*
Fiberglass dust from filing boards
Rolled up sticker from swag bag
* not tested or recommended
Shunting High and Shunting Low
Target modification
Bypass VRM & Enable clock out via fuse
Characterizing Instructions
Sources of ‘Noise’
Pretty Software Frontend
This slide intentionally left blank
Back to Lockpicking….

| Keypad Entry | Idle begins | idle ends | diff |
|---|---|---|---|
| 1-2-3-4 | 2021972.5 | 2039705.5 | 17733 |
| 1-2-3-3 | 4574962.5 | 4592694.5 | 17732 |
| 1-2-2-2 | 5565872.5 | 5583603.5 | 17731 |
| 1-1-1-1 | 3234456 | 3252186 | 17730 |
| 5-5-5-5 | 7314302 | 7332031 | 17729 |
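
The two timing tables in these slides (time per matched character, and keypad idle time per entry) both move by a fixed amount per correct leading character. The C below is an added example, not code from the talk: it assumes the cause is an early-exit comparison, counts loop iterations as a stand-in for time, and sets a constant-time comparison beside it. `SECRET`, `leaky_equal`, `ct_equal` and `steps_for` are names invented here.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed stored code, constructed for this example. */
static const uint8_t SECRET[4] = {1, 2, 3, 4};

/* Early-exit compare: stops at the first wrong digit, so the number of
 * loop iterations (our stand-in for execution time) grows with the
 * length of the correct prefix. */
static int leaky_equal(const uint8_t *a, const uint8_t *b, size_t n,
                       unsigned *steps)
{
    *steps = 0;
    for (size_t i = 0; i < n; i++) {
        (*steps)++;
        if (a[i] != b[i])
            return 0;
    }
    return 1;
}

/* Constant-time compare: visits every digit and folds the differences
 * into one byte, so the iteration count never depends on the guess. */
static int ct_equal(const uint8_t *a, const uint8_t *b, size_t n,
                    unsigned *steps)
{
    uint8_t diff = 0;
    *steps = 0;
    for (size_t i = 0; i < n; i++) {
        (*steps)++;
        diff |= (uint8_t)(a[i] ^ b[i]);
    }
    return diff == 0;
}

/* Iterations spent on a 4-digit entry; constant_time selects the routine. */
unsigned steps_for(int constant_time, uint8_t d0, uint8_t d1,
                   uint8_t d2, uint8_t d3)
{
    const uint8_t g[4] = {d0, d1, d2, d3};
    unsigned steps;
    if (constant_time)
        (void)ct_equal(SECRET, g, 4, &steps);
    else
        (void)leaky_equal(SECRET, g, 4, &steps);
    return steps;
}

int main(void)
{
    /* Entries taken from the keypad table: 0 to 4 correct leading digits. */
    const uint8_t e[5][4] = {
        {5, 5, 5, 5}, {1, 1, 1, 1}, {1, 2, 2, 2}, {1, 2, 3, 3}, {1, 2, 3, 4}
    };
    for (size_t i = 0; i < 5; i++)
        printf("%d-%d-%d-%d  leaky=%u  constant-time=%u\n",
               e[i][0], e[i][1], e[i][2], e[i][3],
               steps_for(0, e[i][0], e[i][1], e[i][2], e[i][3]),
               steps_for(1, e[i][0], e[i][1], e[i][2], e[i][3]));
    return 0;
}
```

Equal iteration counts in source only remove the timing signal if the compiler keeps the loop free of early exits, so check the generated code on the target.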
Rev 1.1
I’ll show you my O(scope)-Face
Future Improvements
Pretty Software
Tunable clock offset
Tunable amplifier offset for higher gains
Fix AD8129
Integrate EZ-USB FX2 and synch clock
But Wait!
There’s More!
© 2014 Hardware Security Resources, LLC.
Sidechannel Attacks
Non-Invasive = no hardware modification
Invasive = hardware modification
Passive = observation only
- Simple timing analysis with an o-scope/LA
- Power analysis - may require removing decoupling capacitors
- Decapping and imaging the die
Active = simulating input
- Clock shrinking/skewing
- Reset pulses
- Synthetic power droop
- Modifying power/clock circuits
- Decapping and stimulating/altering logic and power circuits
For another 10GBP, can we do some glitching?
Normal Operation
The Real Boundary...
Failing region
Optimal Condition
Voltage Glitching
Frequency Glitching
But when?
But how?
Die Datenkrake?
Too expensive!
EZ-USB FX2?
Too Slow!
● Glitching device outputs a clock
● Tie an interrupt pin to a trigger on the target
● Program a configurable software delay
● Toggle a pin tied to a pulse generator
● AND the pulse generator with your clock
Sidechannel Attacks in the Wild
Details for the fat hack
========================
On fats, the bootloader we glitch is CB, so we can run the CD we want.
cjak found that by asserting the CPU_PLL_BYPASS signal, the CPU clock is
slowed down a lot, there's a test point on the motherboard that's a
fraction of CPU speed, it's 200Mhz when the dash runs, 66.6Mhz when the
console boots, and 520Khz when that signal is asserted.
https://github.com/gligli/tools/blob/master/reset_glitch_hack/reset_glitch_hack.txt
Sidechannel Attacks in the Wild
- We assert CPU_PLL_BYPASS around POST code 36 (hex).
- We wait for POST 39 start (POST 39 is the memcmp between stored hash and
image hash), and start a counter.
- When that counter has reached a precise value (it's often around 62% of
entire POST 39 length), we send a 100ns pulse on CPU_RESET.
- We wait some time and then we deassert CPU_PLL_BYPASS.
- The cpu speed goes back to normal, and with a bit of luck, instead of
getting POST error AD, the boot process continues and CB runs our custom
CD.
https://github.com/gligli/tools/blob/master/reset_glitch_hack/reset_glitch_hack.txt
Matrix Glitcher code...
Back to our test system…
Further implementation is still WIP
- ATMEGA328p needs to be undervolted to work
- Needs to provide the trigger itself for now
Joe FitzPatrick
@securelyfitz
http://www.securinghardware.com
Questions?