Hardwear.io NL 2023 | Triple Exploit Chain With Laser Fault Injection On A Secure Element - Olivier

แชร์
ฝัง
  • เผยแพร่เมื่อ 26 พ.ย. 2023
  • We identified a new vulnerability allowing an attacker to extract internal EEPROM masking keys using a very long laser pulse while the circuit is running. The knowledge of those keys leverage two new attacks that we also identified during this work, which are authentication and session key derivation hijacking. To achieve this, EEPROM data readout by the processor is overridden using laser illumination. By chaining all three attacks, we were able to access a protected secret key. This was applied to a real device, a hardware wallet for which we managed to extract the seed, but this chip is also widely used in many IoT applications. This attack may be applicable to the previous revisions as well.
    This work was conducted in a black box approach, with background experience of previous attacks on less secure devices from this family. Due to the very high number of faults required to retrieve the secret key, it is to this day the most complex multiple laser fault injection attack ever presented.
    Finally, to prove that we were able to perform this attack, the hardware wallet manufacturer using this secure element sent us three devices to break as a challenge. Sample preparation was risky, and we broke two wallets when trying to desolder the circuits or decapsulate the packages to access the silicon. We will, in addition to the laser attack, present hints and tricks we developed to overcome these practical difficulties, resulting in the successful wallet seed recovery of the last remaining challenge wallet !
    #hw_ioNL2023 #faultinjection #IoT
    -------------------------------------------------------------------------------------------------------------------------------------------------------
    Website: hardwear.io
    X : / hardwear_io
    LinkedIn: / hardwear.io-hardwarese...
    Facebook: / hardwear.io
  • วิทยาศาสตร์และเทคโนโลยี

ความคิดเห็น • 2

  • @WhatYouHaventSeen
    @WhatYouHaventSeen 8 หลายเดือนก่อน +2

    Very impressive work. Well done!

  • @rodsilva80
    @rodsilva80 8 หลายเดือนก่อน

    Well done!

ต่อไป
เล่นอัตโนมัติ
Next-Gen Exploitation: Exploring The PS5 Security Landscape by Specter | hardwear.io USA 202329:53Next-Gen Exploitation: Exploring The PS5 Security Landscape by Specter | hardwear.io USA 2023
Next-Gen Exploitation: Exploring The PS5 Security Landscape by Specter | hardwear.io USA 2023hardwear.io
มุมมอง 7K
Hardwear.io NL 2023 | Hacking A Smart Doorbell: An IoT Hacking Guide - Daniel Schwendner36:14Hardwear.io NL 2023 | Hacking A Smart Doorbell: An IoT Hacking Guide - Daniel Schwendner
Hardwear.io NL 2023 | Hacking A Smart Doorbell: An IoT Hacking Guide - Daniel Schwendnerhardwear.io
มุมมอง 1.1K
The moment we stopped understanding AI [AlexNet]17:38The moment we stopped understanding AI [AlexNet]
The moment we stopped understanding AI [AlexNet]Welch Labs
มุมมอง 848K
เลือกยากจัง Ep.2 #แป๋มวัดดวง #freefire00:21เลือกยากจัง Ep.2 #แป๋มวัดดวง #freefire
เลือกยากจัง Ep.2 #แป๋มวัดดวง #freefireแป๋มวัดดวง
มุมมอง 120K
Billkin, PP Krit - ยอม (Surrender) - Live Session (BILLKIN PP KRIT x BUS7)03:31Billkin, PP Krit - ยอม (Surrender) - Live Session (BILLKIN PP KRIT x BUS7)
Billkin, PP Krit - ยอม (Surrender) - Live Session (BILLKIN PP KRIT x BUS7)Billkin & PP Krit Official
มุมมอง 245K
Younger Brother Cheating with Elder Brother 🤣🤣 | Surprise Challenge Aayush & Abhay #shorts #viral00:32Younger Brother Cheating with Elder Brother 🤣🤣 | Surprise Challenge Aayush & Abhay #shorts #viral
Younger Brother Cheating with Elder Brother 🤣🤣 | Surprise Challenge Aayush & Abhay #shorts #viralASquare Crew
มุมมอง 32M
HILIGHT : Manchester City 4-2 Chelsea | FC Series 2024 | 04.08.2408:29HILIGHT : Manchester City 4-2 Chelsea | FC Series 2024 | 04.08.24
HILIGHT : Manchester City 4-2 Chelsea | FC Series 2024 | 04.08.24BG SPORTS
มุมมอง 236K
2022 - Fault Injection on a modern multicore System on Chip51:262022 - Fault Injection on a modern multicore System on Chip
2022 - Fault Injection on a modern multicore System on ChipMCH2022
มุมมอง 2.6K
Breaking SoC Security By Glitching OTP Data Transfers by Cristofaro Mune | hardwear.io USA 202244:30Breaking SoC Security By Glitching OTP Data Transfers by Cristofaro Mune | hardwear.io USA 2022
Breaking SoC Security By Glitching OTP Data Transfers by Cristofaro Mune | hardwear.io USA 2022hardwear.io
มุมมอง 1.7K
Top 10 Secure Boot Mistakes | Jasper Van Woudenberg | hardwear.io USA 201946:34Top 10 Secure Boot Mistakes | Jasper Van Woudenberg | hardwear.io USA 2019
Top 10 Secure Boot Mistakes | Jasper Van Woudenberg | hardwear.io USA 2019hardwear.io
มุมมอง 6K
Hardwear.io NL 2023 | Understanding Physics To Break AES With Side-channel Hardware -Stephan & Roman40:42Hardwear.io NL 2023 | Understanding Physics To Break AES With Side-channel Hardware -Stephan & Roman
Hardwear.io NL 2023 | Understanding Physics To Break AES With Side-channel Hardware -Stephan & Romanhardwear.io
มุมมอง 2.4K
bd-jb: Blu-ray Disc Java Sandbox Escape by Andy Nguyen | hardwear.io USA 202231:23bd-jb: Blu-ray Disc Java Sandbox Escape by Andy Nguyen | hardwear.io USA 2022
bd-jb: Blu-ray Disc Java Sandbox Escape by Andy Nguyen | hardwear.io USA 2022hardwear.io
มุมมอง 18K
COSIC seminar "Design Considerations for EM Pulse Fault Injection" (Arthur Beckers)17:11COSIC seminar "Design Considerations for EM Pulse Fault Injection" (Arthur Beckers)
COSIC seminar "Design Considerations for EM Pulse Fault Injection" (Arthur Beckers)COSIC - Computer Security and Industrial Cryptography
มุมมอง 449
How Secure Shell Works (SSH) - Computerphile9:20How Secure Shell Works (SSH) - Computerphile
How Secure Shell Works (SSH) - ComputerphileComputerphile
มุมมอง 815K
EEPROM and STM32 || I2C || Multi Page Write and Read21:20EEPROM and STM32 || I2C || Multi Page Write and Read
EEPROM and STM32 || I2C || Multi Page Write and ReadControllersTech
มุมมอง 41K
One Glitch to Rule Them All: Fault Injection Attacks Against the AMD Secure Processor33:28One Glitch to Rule Them All: Fault Injection Attacks Against the AMD Secure Processor
One Glitch to Rule Them All: Fault Injection Attacks Against the AMD Secure ProcessorBlack Hat
มุมมอง 4.9K
วิธีเรียกกลับบ้าน ฮ สเกล GPS (Return To Home ) บินง่ายๆ ใครก็บินได้ #tumrotor #shots #rchelicopter01:01วิธีเรียกกลับบ้าน ฮ สเกล GPS (Return To Home ) บินง่ายๆ ใครก็บินได้ #tumrotor #shots #rchelicopter
วิธีเรียกกลับบ้าน ฮ สเกล GPS (Return To Home ) บินง่ายๆ ใครก็บินได้ #tumrotor #shots #rchelicopterTUMROTOR SHOP
มุมมอง 108K
I'll tell you who has the strongest iPad keyboard #ipadkeyboard 3ipadcase #typecase #ipad00:24I'll tell you who has the strongest iPad keyboard #ipadkeyboard 3ipadcase #typecase #ipad
I'll tell you who has the strongest iPad keyboard #ipadkeyboard 3ipadcase #typecase #ipadTypecase
มุมมอง 11M
AppleCare+ ใช้มาเป็นสิบครั้ง เดี๋ยวพงเล่าให้ฟัง34:50AppleCare+ ใช้มาเป็นสิบครั้ง เดี๋ยวพงเล่าให้ฟัง
AppleCare+ ใช้มาเป็นสิบครั้ง เดี๋ยวพงเล่าให้ฟังSUPERTOMMO
มุมมอง 45K
Homemade mobile phone cooling device, the phone does not get hot and can be used as a stand. I n00:11Homemade mobile phone cooling device, the phone does not get hot and can be used as a stand. I n
Homemade mobile phone cooling device, the phone does not get hot and can be used as a stand. I nToy Kid
มุมมอง 32M
 14 Pro Max premium case white colour with metal camera ring free  heart case scratch proof 00:50 14 Pro Max premium case white colour with metal camera ring free  heart case scratch proof 
 14 Pro Max premium case white colour with metal camera ring free  heart case scratch proof Rj Mobile 01
มุมมอง 15M
เส้นทางลูกผู้ชายของ Sony กับการสร้าง PlayStation | THE ENERGY01:00เส้นทางลูกผู้ชายของ Sony กับการสร้าง PlayStation | THE ENERGY
เส้นทางลูกผู้ชายของ Sony กับการสร้าง PlayStation | THE ENERGYTHE ENERGY
มุมมอง 165K
เหตุผลที่ผมซื้อ PS Vita ในปี 2024 #เกมกับshorts #เกม #gfr01:00เหตุผลที่ผมซื้อ PS Vita ในปี 2024 #เกมกับshorts #เกม #gfr
เหตุผลที่ผมซื้อ PS Vita ในปี 2024 #เกมกับshorts #เกม #gfrGUFUNNAROCK
มุมมอง 425K
021 New 2 Camera Phone00:42021 New 2 Camera Phone
021 New 2 Camera PhoneTech Official
มุมมอง 575K