Date : 03 juin 2020 à 14:45 — 30 min.
With the constant development of electronic devices, their increasing complexity and need for security, cryptography in embedded systems has become a strong requirement to protect data or secure communications. Some devices run on standard low-cost microcontrollers, which are vulnerable to low-budget physical attacks allowing the retrieval of secret materials, such as cryptographic keys. More sophisticated devices use dedicated security circuits able to withstand higher levels of physical attacks.
We present a vulnerability research conducted on one of those secure chips: the Microchip ATECC508A, a secure memory widely used in IoT devices, which is able to store small secret data blobs protected by cryptographic authentication. We identified a vulnerability which allows a highly equipped and skilled attacker to retrieve a secret data slot by bypassing authentication using Laser Fault Injection.
The talk walks through the experimental methodology we used to understand and develop the attack in a complete black-box approach. Finally, we assess the difficulty of this attack in a real-case scenario: a PIN code and seed recovery on a hardware wallet, and demonstrate it is practical despite the setup cost.