On This Page

Advanced Hardware Hacking: Hands-on Power Analysis & Glitching with the ChipWhisperer

NewAE Technology Inc. | July 22-23 & July 24-25



Overview

Side-Channel Power Analysis - that freaky method of extracting secret keys from embedded systems that doesn't rely on exploits or coding errors. It can be used to read out an AES-128 key in less than 60 seconds from a standard implementation on a small microcontroller. Are your products vulnerable to such an attack? This course is loaded with hands-on examples to teach you not only about the attacks and theories, but how to apply them.

The course uses the open-source ChipWhisperer project (www.chipwhisperer.com) for both hardware & software tools, meaning attendees can immediately take the knowledge learned in this course and apply it in real life. The course includes a ChipWhisperer-Lite, so students walk away with the hands-on hardware used during the lab.

During the two-day course, topics covered will include: theory behind side-channel power analysis, measuring power in existing systems, setting up the ChipWhisperer hardware & software, several demonstrated attacks, understanding and demonstration glitch attacks, and analyzing your own hardware.

As this course uses entirely open-source tools & examples, attendees will be able to use this knowledge in their own training courses, for example training employees at their workplace in these techniques. Side Channel Power Analysis & Fault Attacks have never been more accessible, and testing your products has never been this inexpensive or easy.

Who Should Take this Course

Anyone dealing with embedded systems needs to understand the threats that can be used to break even a "perfectly secure" system (meaning no buffer overflows, ability to inject code, or other such flaws). This course assumes knowledge and experience with embedded systems, and will build upon that to teach you about the practicality of various advanced attacks on those systems.

This course will also contain an extensive hands-on component, and includes a ChipWhisperer-Lite to allow you to extend the experiments covered in class onto your own products.

Student Requirements

Students taking this class are assumed to have a good working knowledge of basic embedded systems (i.e. 8-bit microcontrollers), including programming in C and hardware design. This could mean at minimum having implemented projects on the Arduino platform. Students should be familiar with the Python programming language, as most tools are written in Python. The tools are fairly user-friendly, meaning it's not a requirement, but modification of the tools will be briefly mentioned.

What Students Should Bring

Students MUST bring a laptop with approximately 15GB of free space. A variety of (Python-based) tools will be installed and used, which can run on Linux & Windows. To simplify the class, a VMWare image will be provided which has all tools installed, but students are free to directly install the tools on their own computer.

Students are encouraged to bring a computer with VMWare Workstation already installed to reduce setup time.

What Students Will Be Provided With

  • ChipWhisperer-Lite hardware platform (kept by the student once class is done).
  • Slides and documentation used during class (not open source, not distributable)
  • VMWare image, software tools (all tools open source, distributable)
  • Example capture traces (distributable)

Trainers

Colin O'Flynn has developed the world's first open-source platform for side-channel power analysis and glitching attacks, and has spoken around the world about the application of this platform to various targets. Previously he worked developing low-power wireless embedded systems, and continues to write about FPGAs for Circuit Cellar magazine. He lives in Halifax, NS, Canada.