Professional Documents
Culture Documents
Us 17 Picod Attacking Encrypted USB Keys The Hard (Ware) Way
Us 17 Picod Attacking Encrypted USB Keys The Hard (Ware) Way
6%
Show-case real attacks found while auditing
On-going research ahead
Encrypted USB key inner working
Controller Storage
(crypto/USB) (eMMC)
Controller Fingerprint
& storage reader
NIST certifications for encrypted USB keys
FIPS 140
FIPS 197
Audit methodology
Serendipitous
Professional
State sponsored
Weaken security
Full break
Mitigating hardware attacks
Attacker Professional
Serial line
Serial line
Buspirate
USB Key
used for
injection
Serial line
Input can be cloned
Attacker Professional
Configuration RFID coil
EEPROM
RFID
controller SATA
port
Reprogrammable
RFID tag
Proxmark3
Pin is not stored in software
Firmware attestation
Password can be extracted
Attacker Serendipitous
Input can be brute-forced
Attacker Serendipitous
Device is burned out after nth unsuccessful attempts
Integrity
Storage tampering should be detected
3. Error
2. Memory 4. Undo XOR
1. Chip removal correction (BCH
dump scrambling
ECC)
FPGA emulating
memory
Key
without memory
Custom
PCB
Individual
0.02” wires
Key
without
memory
Decoded Digital Analog Measurement
overlay channels channels panel
[+] eMMC firmware started
[+] eMMC system ready for commands!
[+] CMD 0, H2D, verdict: ACCEPT, arg: 0xfffffffa, ctr: 0
[+] CMD 0, H2D, verdict: ACCEPT, arg: 0xfffffffa, ctr: 1
[+] CMD 0, H2D, verdict: ACCEPT, arg: 0xf0f0f0f0, ctr: 2
[+] CMD 0, H2D, verdict: ACCEPT, arg: 0x0, ctr: 3
[+] CMD 1, H2D, verdict: ACCEPT, arg: 0x401c0000, ctr: 4
[+] CMD 2, H2D, verdict: ACCEPT, arg: 0x0, ctr: 5
[+] CMD 3, H2D, verdict: ACCEPT, arg: 0x10000, ctr: 6
[+] CMD 7, H2D, verdict: ACCEPT, arg: 0x10000, ctr: 7
[+] CMD 13, H2D, verdict: ACCEPT, arg: 0x10000, ctr: 8
AES key can be
recovered?
Target ?
Impact ?
Attacker ?
Data is encrypted :)
- Pin in clear
- AES key