Breaking Into Embedded Devices: Side Channel Analysis and Fault Injection

Jasper van Woudenberg, Riscure | August 2-3


On This Page


Overview

Secure boot, trusted execution environments and many other security mechanisms depend on the security of the underlying hardware. What if we can break the actual hardware? And what if that's EASIER than breaking the software?

Side channel analysis and fault injection are techniques to break various security mechanisms, allowing an attack to load arbitrary firmware code and discover secrets such as cryptographic keys and PINs from hardware and embedded software. They were first (publicly) discovered on smart cards in response to the major platforms becoming highly resistant against ‘software’ attacks. Now that this type of security is becoming more widely understood and implemented on most embedded systems, attackers are also moving into the field of hardware attacks.

Side channel analysis is achieved by listening to and understanding the information that (hardware) channels emit when processing information. Fault injection is accomplished by forcing hardware into operating conditions outside of spec; causing a circuit to introduce errors in its computation.

This course provides an understanding of the possibilities and impact of these techniques and explains how you can protect against them through a hands-on approach. Besides the necessary theory, students will perform exercises themselves in which they will, for instance, break a DES key through power analysis. Further, in another exercise, each student is challenged to devise their own countermeasures and the effect of these is analyzed via a live data acquisition and analysis on the code using side channel analysis equipment.


Who Should Take This Course

Software and hardware engineers who develop secure embedded systems, security researchers with an interest in hardware attacks.


Student Requirements

• Basic Java or C programming experience
• Basic knowledge of cryptographic concepts
• Basic knowledge of statistics (average, variance, etc)


What Students Should Bring

Shirts, shoes


What Students Will Be Provided With

Laptop, side channel and fault injection tools, targets


Trainers

Contact Information
Name (first & last): Jasper van Woudenberg
Organization/Company Employed By: Riscure
Organization/Company Title: CTO North America
Phone Number(s): +16506469979
Mailing Address: 71 Stevenson Street Suite 400, San Francisco, CA 94105
Email Address: vanwoudenberg@na.riscure.com

Professional Information
Professional Biography/LinkedIn/Bio Link: http://nl.linkedin.com/in/jaspervwTechnicalReferences Related To Prior Teaching Experience (3):Led side channel analysis workshops for our customers at several government agencies and commercial clients worldwide.Has performed similar training at BH2007 and BH2008 in Vegas, and BH2008 AmsterdamInvited lectures for the University of Amsterdam and Stanford.Title And Event/Customer Of Most Recently Taught Courses (3): Talks at RSA'13, BSides'13, InfiltrateCon'13, ...Fault injection training at customerSide channel analysis training at customer