Symposium sur la sécurité des technologies de l'information et des communications

Conférence francophone sur le thème de la sécurité de l'information.
Elle a eu lieu à Rennes du 3 au 5 juin 2020.

Blackbox Laser Fault Injection on a Secure MemoryOlivier Heriveaux

Date : 03 June 2020 à 14:45 — 30 min.

With the constant development of electronic devices, their increasing complexity and need for security, cryptography in embedded systems has become a strong requirement to protect data or secure communications. Some devices run on standard low-cost microcontrollers, which are vulnerable to low-budget physical attacks allowing the retrieval of secret materials, such as cryptographic keys. More sophisticated devices use dedicated security circuits able to withstand higher levels of physical attacks.

We present a vulnerability research conducted on one of those secure chips: the Microchip ATECC508A, a secure memory widely used in IoT devices, which is able to store small secret data blobs protected by cryptographic authentication. We identified a vulnerability which allows a highly equipped and skilled attacker to retrieve a secret data slot by bypassing authentication using Laser Fault Injection.

The talk walks through the experimental methodology we used to understand and develop the attack in a complete black-box approach. Finally, we assess the difficulty of this attack in a real-case scenario: a PIN code and seed recovery on a hardware wallet, and demonstrate it is practical despite the setup cost.