Summerschool Aachen 2004/Hardware Hacking Lab

From C4 Wiki

Summary

Introduction

  • Security by using obscure screws and non-public systems
  • Security by obscurity

Locks

  • LINK MIT Lockpicking Guide
  • Keys can be memorized
  • Master keys possible because of "spacer pins"
  • Lockpicking, types of tools
    • picks: spanner, snake
    • pull the mechanism directly, evading the lock
    • automated equipment, using vibrating pins
    • magnetic fields, used against locks which hold their pins with magnets
  • High Security Locks, 15 pin positions (slits) in a row, 3 pins at a given position
  • Master keys may be "bruteforced" by elevating single pins consecutively, if you have a working single key
  • Circular locks defeated by empty pen casing

Tampering - opening things you shouldn't

  • LINK presentations from "Kingpin" of the L0pht
  • glue melts faster than casing
  • PAPERS Chrysalis (Steven J. Murdoch)
  • logic analyzers (used to watch e.g. 16 wires at once)
  • hardware gets obfuscated on a regular basis
  • protection against tampering by adding plastic framing to chips, etc.
  • jtag interface to hardware devices for "debugging"
    • show supported flash
    • reflash
  • PAPER Keeping Secrets: Opening the XBOX (Andrew Huang)
  • PAPER Low Cost Attacks on Tamper Resistant Devices (Ross Anderson, Markus G. Kuhn)
  • PAPER Design Principles for Tamper-Resistant Smartcards (Oliver K)
  • Chip layout rendered by 3D microscope imaging
  • test circuits protected by fuses, burnt upon delivery

Tempest

  • Electromagnetic emanations
  • Use tinfoil to protect your thoughts whenever possible
  • Tempest attacks against SVGA are not simple
  • PAPER Soft Tempest (Ross Anderson, Markus G. Kuhn)
  • Tempest for Eliza, plays music on a radio by drawing patterns on a monitor
  • Optical Tempest, samples brightness changes in the room, effective
  • watch LEDs to capture bits from data lines which are connected directly to the LED; does not work on Ethernet

Side Channels

  • used on smart cards
  • Simple Power Analysis
  • Timing Analysis
  • Differential Power Analysis
  • PAPER Power Analysis Tutorial (Manfred Aigner, Elisabeth Oswald)
  • PAPER Physical Side-Channel Attacks on Cryptographic Systems (N. P. Smart)
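To make the Side Channels bullets concrete, here is an added simulation (not from the summer school or any of the papers listed above) of correlation-based Differential Power Analysis against an idealised smart-card leakage: each "trace" is the Hamming weight of one AES SubBytes output byte plus noise. The key byte, noise level and the first-order Boolean masking switch are constructed assumptions; the S-box is computed from its definition so nothing needs to be copied in.

```python
import random

def _gf_mul(a, b):
    """Multiply in GF(2^8) modulo the AES polynomial x^8 + x^4 + x^3 + x + 1."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a = (a << 1) ^ (0x11B if a & 0x80 else 0)
        b >>= 1
    return r

def _sbox(x):
    inv = next((b for b in range(1, 256) if _gf_mul(x, b) == 1), 0)  # 0 maps to 0
    rotl = lambda v, k: ((v << k) | (v >> (8 - k))) & 0xFF
    return inv ^ rotl(inv, 1) ^ rotl(inv, 2) ^ rotl(inv, 3) ^ rotl(inv, 4) ^ 0x63
SBOX = [_sbox(x) for x in range(256)]

def hamming_weight(v):
    return bin(v).count("1")

def simulate_traces(key_byte, rounds=8, noise=1.0, masked=False, seed=1):
    """Constructed leakage: one sample per encryption, HW(SubBytes output) + Gaussian noise.
    With masked=True the S-box output is XORed with a fresh random mask before it leaks."""
    rng = random.Random(seed)
    traces = []
    for _ in range(rounds):
        for p in range(256):  # every plaintext byte appears `rounds` times
            v = SBOX[p ^ key_byte]
            if masked:
                v ^= rng.randrange(256)
            traces.append((p, hamming_weight(v) + rng.gauss(0, noise)))
    return traces

def _pearson(xs, ys):
    mx, my = sum(xs) / len(xs), sum(ys) / len(ys)
    sxy = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    sxx, syy = sum((x - mx) ** 2 for x in xs), sum((y - my) ** 2 for y in ys)
    return sxy / (sxx * syy) ** 0.5 if sxx and syy else 0.0

def cpa_recover(traces):
    """For each key guess, predict HW(SBOX[p ^ guess]) per trace and correlate it with
    the measured samples; the guess with the highest |rho| wins. Returns (guess, |rho|)."""
    samples = [leak for _, leak in traces]
    scores = []
    for guess in range(256):
        predicted = [hamming_weight(SBOX[p ^ guess]) for p, _ in traces]
        scores.append((abs(_pearson(predicted, samples)), guess))
    rho, guess = max(scores)
    return guess, rho
```

With the unmasked leakage the correct key byte stands out with a correlation near 0.8; with a fresh random mask per encryption the first-order leakage no longer depends on the key and every guess scores close to zero, which is why masking is a standard smart-card countermeasure (a masked implementation still leaks at higher order, so this is not a complete defence).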

Fault Injection

  • changing power, frequency, temperature, light
  • skip unwanted functions/control statements

Notes from Presentations

TEMPEST

For those interested in TEMPEST attacks and defences, including both radio and optical based techniques, Markus Kuhn's PhD thesis covers this area well, but is long. If you don't want to read all of it, there are shorter papers on Optical TEMPEST and Radio TEMPEST on LCD screens (which also mentions the anti-TEMPEST fonts). There is also an FAQ on Optical TEMPEST.

-- Steven Murdoch

Locks

If you are interested in lock picking the MIT Guide to Lock Picking is a good start.

One of my friends works in Belmarsh high security prison. They apparently use keys which have a magnetic combination, since there was a problem where inmates would look at the shape of the original key held by a prison officer and make replacement keys by hand.

-- Steven Murdoch

Tampering

At Cambridge, the TAMPER Lab does most of the work investigating hardware security. In particular Sergei Skorobogatov's website is worth looking at.

-- Steven Murdoch

Notes from the Lab Session

  • nCipher HSM
  • The Anatomy of an ADSL modem
  • Netgear RT314
  • The Netgear FR314 xDSL Router...

Dismantling the Early Warning System (PEWS) AN/TRS-2(V)

Ernest and I dismantled the PEWS detector to find out what it is and how it works. It is a device designed to detect passing vehicles and personnel by using seismic and magnetic detectors, and send this to the receiver. The manual for the system is online.

The detector is weatherproof so it was necessary to remove the sealant to open it. Once opened it contained two main boards, both of which were densely packed with discrete components (resistors, capacitors and transistors). There were a few chips, but based on their datasheets these were very simple (one was a decimal counter, the other contained a few simple logic gates). The serial number of one of these showed that the chip was manufactured in 1981 so that would explain why the system is so basic.

The output of the device can either be sent using wires or radio. There is no means to give the device a key, so the signal must be unencrypted. It probably simply sends the serial number and whether it detects a person or a vehicle. Only two digits of the serial number are shown on the receiver. There doesn't appear to be any attempt to prevent jamming, interception or generation of false signals so it is not that interesting from a security perspective.

There are some photos available on the internal network:
Outside Boards 1 Boards 2 Boards 3

-- Steven Murdoch