Summerschool Aachen 2004/Hardware Hacking Lab
Presentation Summary
Introduction
- Security by using obscure screws, non public systems
- Security by obscurity
Locks
- LINK MIT Lockpicking Guide
- Keys can be memorized
- Master keys possible because of "spacer pins"
- Lockpicking, types of tools
- picks: spanner, snake
- pull the mechanism directly, evading the lock
- automated equipment, using vibrating pins
- magnetic fields, used against locks which hold their pins with magnets
- High Security Locks, 15 pin positions (slits) in a row, 3 pins at a given position
- Master keys may be "bruteforced" by elevating single pins consecutively, if you have a working single key
- Circular locks defeated by empty pen casing
Tampering - opening things you shouldn't
- LINK presentations from "kingpin" by the l0pht - http://www.grandideastudio.com/portfolio
- glue melts faster than casing
- PAPERS Chrysalis (Steven J. Murdoch)
- logic analyzers (used to watch i.e. 16 wires)
- hardware gets obfuscated on a regular basis
- protection against tempering by adding plastic framing to chips, etc.
- jtag interface to hardware devices for "debugging"
- show supported flash
- re flash
- PAPER Keeping Secrets: Opening the XBOX (Andrew Huang)
- PAPER Low Cost Attacks on Tamper Resistant Devices (Ross Anderson, Markus G. Kuhn)
- PAPER Design Principles for Tamper-Resistant Smartcards (Oliver K)
- Chip layout rendered by 3d microscope imaging
- test circuits protected by fuses, burnt upon delivery
Tempest
- Electromagnetic emanations
- Use tinfold to protect your thoughts whenever possible
- Tempest attacks against svga are not simple
- PAPER Soft Tempest (Ross Anderson, Markus G. Kuhn)
- Tempest for Eliza, plays music on a radio by drawing patterns on a monitor
- Optical Tempest, samples brightness changes in the room, effective
- watch leds to capture bits from data lines, which are connected directly to the led, not working on ethernet
Side Channels
- used on smart cards
- Simple Power Analysis
- Timing Analysis
- Differential Power Analysis
- PAPER Power Analysis Tutorial (Manfred Aigner, Elisabeth Oswald)
- PAPER Physical Side-Channel Attacks on Cryptographic Systems (N.P.Smart)
Fault Injection
- changing power, frequency, temperature, light
- skip unwanted functions/control statements
Notes from Presentations
TEMPEST
For those interested in TEMPEST attacks and defences, including both radio and optical based techniques, Markus Kuhn's PhD thesis covers this area well, but is long. If you don't want to read all of it, there are shorter papers on Optical TEMPEST and Radio TEMPEST on LCD screens (which also mentions the anti-TEMPEST fonts). There is also an FAQ on Optical TEMPEST.
Locks
If you are interested in lock picking the MIT Guide to Lock Picking is a good start.
One of my friends works in Belmarsh high security prison. They apparently use keys which have a magnetic combination, since there was a problem where inmates would look at the shape of the original key held by a prison officer and make replacement keys by hand.
Tampering
At Cambridge, the TAMPER Lab does most of the work investigating hardware security. In particular Sergei Skorobogatov's website is worth looking at.
Notes from the Lab Session
The Anatomy of an ADSL modem
The model brought by Max is one of the earliest generation and was manufactured by Siemens. It was given away to customers of Deutsche Telekom who signed up for DSL access.
The casing is held in place by eight small plastics protrusions. When worked on with a screwdriver, they can be bent (inelastically) enough to open the case. The fact that the device has been opened is visible only when looking at the damaged holding clips. Also, the screwdrivers leave marks on the outer casing when applied as carelessly as I did.
Inside there are two boards: A small one, which holds the power input; and a large one, which holds everything else.
The power board contains mostly electrical stuff for AC/DC conversion, like coils and capacitors. It also has a very impressive 47 uF capacitor, around 3-4 cm high and 1-2 cm in diameter. There are no ICs in the power unit, however.
The main board contains TI chips for the most part, with designations TNETD*. The most prominent of the ICs is labelled "ADSL Transceiver". Data sheets were not indexed by Google, there was however a link to a router Linux site from the UK which had the chip listed as "ADSL router/bridge".
Netgear RT314
Boris and me opened the Netgear RT314 internet access gateway dsl router. It has a Samsung S3C4510X01 ARM CPU, 4 100MBit Ethernet interfaces (probably controlled by a Realtek RTL 8019AS chip), an RS232 Manager interface as well as a DSL interface. Due to lack of power cord we could not boot it and analyse its software. Besides we managed to open two other devices, a Siemens TDSL Modem and a Cisco 2500Series Router. On none of the mainboards we could find JTAG interfaces.
After that we looked into dievo.org and hackerslab.org and managed to advance some levels.
The Netgear FR314 xDSL Router...
Lisa and I opened up one of those. It contained a Samsung S3C4510X01-QER0 CPU, which is an ARM 7 TDMI kind of CPU, 1 MB of Flash Memory, 1 MB of RAM, a Realtek 10MBit Ethernet Controller for connecting to a DSL Modem and a 5 10/100 MBit switching IC, serving the 4 external 10/100 MBit Ports and the DSL connection. A CPU of a similar part number (S3C4510B) is reported to run ucLinux and sport a JTAG interface, but we could not find anything on the particular CPU used or on the router itself, so we gave up and put the device back together.
After that I completed the "Apprentice" and "The Hook" Puzzles at dievo.org and gave up on level 0 of hackerslab.org.
Dismantling the Early Warning System (PEWS) AN/TRS-2(V)
Myself and Ernest dismantled the PEWS detector to find out what it is and how it works. It is a device designed to detect passing vehicles and personnel by using seismic and magnetic detectors, and send this to the receiver. The manual for the system is online.
The detector is weatherproof so it was necessary to remove the sealant to open it. Once opened it contained two main boards, both of which were densely packed with discrete components (resistors, capacitors and transistors). There were a few chips, but based on their datasheets these were very simple (one was a decimal counter, the other contained a few simple logic gates). The serial number of one of these showed that the chip was manufactured in 1981 so that would explain why the system is so basic.
The output of the device can either be sent using wires or radio. There is no means to give the device a key, so the signal must be unencrypted. It probably simply sends the serial number and whether it detects a person or a vehicle. Only two digits of the serial number are shown on the receiver. There doesn't appear to be any attempt to prevent jamming, interception or generation of false signals so it is not that interesting from a security perspective.
There are some photos available on the internal network:
Outside
Boards 1
Boards 2
Boards 3
nCipher HSM
We've had a look at nCipher hardware storage module, model nF300KM 1C (the FIPS-2 compliant device).
You can open the housing by simply removing 4 screws and some holographic stickers. Actually we destroyed
the stickers, but maybe it's possible to remove them by heat.
The HSM consists of 2 boards connected by a cable. One for the smart card reader, the other for cryptographic
operations and key storage. We assume that most of the crypto stuff is being done by the firmware, which resides
in a flash memory, and the xilinx 3164A FPGA, which is not very large (~ 4500 logic gates).
Two large heat sinks cover 8 chips on the board, that we couldn't identify at all, because these heat sinks are
being held in place by epoxy. We tried to freeze the board, hoping that we can break the epoxy at low temperature
without destroying the chips, but unfortunately that didn't work. You probably have to heat it, which on the other
hand would certainly damage the board.
--Cpunkt 10:02, 23 Sep 2004 (CEST)
HackersLab
George and I spent the latter part of the afternoon trying the puzzles on HackersLab
We don't want to give too much away about how to solve them, because it might spoil it for the rest of you. However, we can give a general description of the kind of test you might encounter.
There are progressively harder levels to be attempted, and each level requires you to telnet to drill.hackerslab.org, where you are given a command shell. Your goal is always to find the password to the next level, and a hint (with a backstory) is given on the hackerslab.org website.
To give you an idea of the flavour, the first few puzzles involve getting a setuid binary to do something that it was not intended to do. You do this using a variety of methods (manipulating the environment, finding 'hidden' files).
All the puzzles we've tried so far have been good fun, and they start off nice and easy!