Security in the wild field of IoT. First experience with a side-channel attack

From the enterprise

By the time this story began, I had worked for many years in enterprise systems development, was a good specialist, and paid close attention to reliability and security. In particular, I knew, appreciated, and regularly re-read Howard and LeBlanc's excellent book.





Brave new world of IoT

When I switched to embedded development, it immediately became clear that security is handled in a completely different way and that the physical attack surface is not limited to the network connector.





At the time, our creative team was developing an application for a microprocessor card from one of the European microelectronics manufacturers. The manufacturer itself kept going on about how much they cared about security and what unprecedented security measures were implemented in their controllers. It seemed to me that with such an arsenal of protections it would not be difficult to get certified. The reality turned out to be much more interesting: a gang of "ethical hackers" got in touch a couple of days later: "Here are the first 6 bits of your secret key, your controller is broken, bring the next one."





It turned out that the device itself, all documentation, source code and parameterization data (including keys) are handed over for certification. My first impression was that gentlemen are, of course, taken at their word, but in this case the gentlemen were lying! Colleagues cooled my hot head and convinced me that, most likely, they were not fooling us: side-channel attacks have been a known field of technology for many years, and in general it is a serious business run by serious people.





I also want to go to the dark side

? โ€“ . , โ€“ , , . , , AES , , . , โ€“ . , , , , , , .





โ€“ , - , , . , , , โ€“ . , , , - .





:





, , u(t) z(t), f x(t). , , .





? , . , ยซ ยป, xor.





, ATMega32u4 28147-89 () 256 . . - , .





- :





, . , .





, โ€“ ยซยป a b, .. a xor b. .





, .





= 250 , H0 H8 a b. , N- , H0 ( 0x00 xor 0x00) H8 ( 0x00 xor 0xFF) .





H1 H7, . , K- , , , . . 





, H0 H8, , , , .





( , ) , 2256 214 .





:





  • 4





  • 10-20 ,





  • 32 .





โ€“ 3 .





.





Thus even I, distrustful as I was, came to believe in the great power of science and in the fact that unprotected implementations can be cracked even with a makeshift setup. Overcoming protection measures would, of course, require new knowledge and equipment, but a start had been made. Ahead lay a path full of new discoveries and adventures, because if you do not know how to attack, you will not be able to defend.





Everything we learn along the way is used, one way or another, in the design of our microcircuits.











