Fault Injection Attacks
Introduction to fault injection attacks (mainly glitching), with examples from the MITRE eCTF 2017 challenge.

1. Fault Injection Attacks on embedded systems
   Ziyad Alshehri, IA 5984, Fall 2017

2. Overview
   • Fault injection techniques
   • Clock Glitching
   • Timing the attack
   • Setup for Clock Glitching
   • Advanced Clock Glitching
   • Voltage Glitching
   • Setup for Voltage Glitching
   • Defenses against fault injection
   • Contribution to Sprite team
   • Conclusion

3. Glitching Attacks
   • Introducing faults in a target to alter its intended behavior
   • The goal is to skip instructions or corrupt data during a read/write
   • Real-life example: Xbox 360 Reset Glitch Hack, by the French hacker GliGli, 2011

4. Clock Glitching
   • Since the instructions are executed in a pipeline clocked on the rising edge, it is possible to skip an instruction by shortening the time available for its execution.

5. Clock Glitching
   • To build a clock glitcher, we XOR the glitch stream with the original clock.
   • Then we remove the crystal oscillator and feed the target the new clock.

6. Timing the attack
   • In order to attack the target precisely, we have to identify a trigger signal on which to base the attack:
   • Status LEDs
   • Toggled GPIO
   • Serial messages (UART)
   • Any other hardware events (reset, …)

7. Setup for Clock Glitching
   • We will use the ChipWhisperer-Lite for this attack
   • Comprised of an MCU and an FPGA (ATSAM3U2C + SPARTAN-6)
   (Figure: ChipWhisperer-Lite connections: CLK out, Trigger in, UART for output)

8. Setup for ATMEGA1284P
   (Figure: ChipWhisperer wired to the ATMEGA1284P: CLK OUT, Trigger in, UART output)

9. ChipWhisperer Software Configuration
   • 20 MHz clock frequency, so the clock period is 50 ns
   • 22% of 50 ns = 11 ns, and 14% of 50 ns = 7 ns (the glitch offset and glitch width settings, expressed as a percentage of the clock period)
   (Figure: configuration screenshot annotated with external trigger offset, glitch offset and glitch width)

10. Results
    (Figure: capture showing the trigger and the target instruction)

11. Examples of Successful Glitches
    • Rolled back to version 1 using the FPGA trigger (UART = 'U') to skip the version check, and then printed the flag.
    (Figure: River Hawk (UMass Lowell) design, target instruction marked)

12. Examples of Successful Glitches
    • Obtained the encryption keys by glitching to exit the while loop, then installing a malicious firmware to print the keys over serial, then decrypted the v1 firmware.
    • Forced the bootloader to print out the memory read log and decrypted it using the keys to get the stored flags.
    (Figure: Northeastern Readback and Northeastern Upload designs, annotated: if statement, print 'F' = 0x46, infinite loop with wdt_reset(), minimum optimization -O1)

13. (Figure: "Optimized!" vs. "!Optimized!" code compared)
    Lesson learned: review the assembly code.

14. Advanced Glitching
    • Practical Analysis of Embedded Microcontrollers against Clock Glitching Attacks, by Ricardo Gomes da Silva, 17 March 2014
    Summary of the paper:
    • The research proposes a better design for a glitching system and compares the glitching results for different assembly instructions.
    • The research also shows how glitching multiple loops is possible with the appropriate hardware configuration.

15. Glitcher Development
    • Using Die Datenkrake, a hardware security platform
    • Comprised of an ARM MCU and an FPGA
    • Their target: XMEGA-A1 Xplained
    (Figure: XMEGA-A1 Xplained board)

16. Glitcher Development
    • Results of the glitched clock:
    (Figure: the glitched clock waveform)
    • The research compares
    • Unconditional loops (Jump, Relative Jump)
    • Conditional loops (Branch if equal, Branch if not equal)
    • Multiple loops

17. Unconditional loops: Jump (JMP)
    Explanation: JMP requires 3 CLK cycles to execute. Each instruction is 16 bits long and the new address is 22 bits long, so 2 cycles are needed to fit the new address. If these 2 cycles are glitched, the instruction can be bypassed.

18. (Figure: JMP glitch result)
    If we glitch both cycles, the PC value will not change.

19. Unconditional loops – Relative Jump (RJMP)
    Explanation: RJMP requires 2 CLK cycles to execute. RJMP computes the current PC + offset (12 bits) + 1, so the first cycle performs the sum that produces the new address; if that cycle is glitched, the instruction can be bypassed.

20. Conditional loops – Branch if equal (BREQ)
    Explanation: BREQ changes the current flow of the program if the compared values are equal; in other words, subtract, then branch if zero. BREQ requires 1 or 2 CLK cycles to execute. The first cycle checks whether the result is zero or not (0xFF), and the second executes the branch. Only the first cycle needs to be glitched to bypass the instruction.

21. Conditional loops – Branch if not equal (BRNE)
    Explanation: BRNE changes the current flow of the program if the compared values are not equal; in other words, subtract, then branch if not zero. BRNE requires 1 or 2 CLK cycles to execute. The first cycle checks whether the result is not zero (0xEE), and the second executes the branch. Only the first cycle needs to be glitched to bypass the instruction.

22. Multiple loops (double RJMP)
    We needed to use the internal trigger to add a precise delay before the second RJMP.

23. Multiple loops (double RJMP)
    Explanation: D0 and W0 correspond to the delay and width of the first glitch, while D1 and W1 correspond to the delay and width of the second glitch (after the trigger). They were able to glitch multiple RJMPs with 1-2 repeated glitches.

24. VCC Glitching
    (Figure: shunt resistor)

25. Setup for Voltage Glitching

26. Setup for ATMEGA1284P
    (Figure: ChipWhisperer Glitch OUT connection)

27. Example of VCC Glitching

28. Defenses against glitching attacks
    • Using a different clock for sensitive operations (Firmware Dogs)

29. Defenses against glitching attacks
    • Enable brown-out detection against VCC glitching

30. Defenses against glitching attacks
    • Erase the flash/EEPROM in case of failure (Firmware Dogs, pgm_flag)
    • Using a bl_configure function, to configure only once (Firmware Dogs)
    (Figure: Firmware Dogs: fill the buffer with FFs and rewrite pgm_flag; erase SRAM, then erase flash)

31. Defenses against glitching attacks
    • Disable any unnecessary debug info (Snorlax)
    (Figure: Snorlax: no feedback on UART!)
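As an added illustration of two of the defenses listed on slides 28 to 31 (not code from the slides or from any eCTF team), the following portable C models a bootloader's "configure only once" guard and its "erase the flash/EEPROM in case of failure" path. The names bl_configure and pgm_flag come from the slides; the flash layout, the 0xA5 marker value, the simulated in-memory flash and the doubled, complementary version compare are assumptions made here so the code runs on a PC and shows why a single skipped compare or branch no longer hands over the key.

```c
/* Added example: a glitch-aware bootloader fragment with the MCU flash
 * simulated as an in-memory array. Assumed layout and marker values;
 * not the Firmware Dogs implementation. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define FLASH_SIZE    64
#define FLASH_ERASED  0xFFu   /* erased AVR flash/EEPROM reads as all ones */
#define PGM_FLAG_ADDR 0       /* pgm_flag: FLASH_ERASED until bl_configure runs */
#define VERSION_ADDR  1       /* currently installed firmware version */
#define KEY_ADDR      16      /* start of the stored decryption key */
#define KEY_LEN       16
#define PGM_FLAG_SET  0xA5u   /* assumed marker; deliberately neither 0x00 nor 0xFF */

static uint8_t flash[FLASH_SIZE];   /* constructed stand-in for the chip's flash */

/* Constructed sample key for the demo and the test. */
const uint8_t SAMPLE_KEY[KEY_LEN] = {
    0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
    0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f
};

/* Model a fresh chip: everything erased. */
void chip_reset(void)
{
    memset(flash, FLASH_ERASED, sizeof flash);
}

/* Erase-on-failure: wipe the key and the version so that a firmware
 * loaded after a glitched check has nothing left to read back out. */
void secrets_erase(void)
{
    memset(&flash[KEY_ADDR], FLASH_ERASED, KEY_LEN);
    flash[VERSION_ADDR] = FLASH_ERASED;
}

/* Configure-once: provisioning is accepted only while pgm_flag is still
 * erased. Every later call is refused, so re-entering the configure path
 * cannot overwrite the key or reset the version. The marker is written
 * last, after the data it protects. */
bool bl_configure(const uint8_t key[KEY_LEN], uint8_t version)
{
    if (flash[PGM_FLAG_ADDR] != FLASH_ERASED)
        return false;
    memcpy(&flash[KEY_ADDR], key, KEY_LEN);
    flash[VERSION_ADDR] = version;
    flash[PGM_FLAG_ADDR] = PGM_FLAG_SET;
    return true;
}

/* Rollback check evaluated twice, in complementary form, through volatile
 * locals so the compiler keeps both compares. Skipping one compare or one
 * branch (the JMP/BREQ/BRNE cases above) then produces a mismatch instead
 * of a silent accept, and any failure erases the secrets. */
bool version_check(uint8_t incoming)
{
    volatile uint8_t stored   = flash[VERSION_ADDR];
    volatile bool    newer    = incoming > stored;
    volatile bool    not_older = !(incoming <= stored);
    if (newer && not_older)
        return true;
    secrets_erase();
    return false;
}

/* Accessors used by the demo and the test. */
uint8_t stored_version(void) { return flash[VERSION_ADDR]; }

bool key_present(void)
{
    for (int i = 0; i < KEY_LEN; i++)
        if (flash[KEY_ADDR + i] != FLASH_ERASED)
            return true;
    return false;
}

int main(void)
{
    chip_reset();
    printf("first configure accepted: %d\n", bl_configure(SAMPLE_KEY, 2));
    printf("second configure refused: %d\n", !bl_configure(SAMPLE_KEY, 9));
    printf("v3 accepted: %d, key present: %d\n", version_check(3), key_present());
    printf("v1 rejected: %d, key present: %d\n", !version_check(1), key_present());
    return 0;
}
```

The version is read into a volatile local once and compared twice because a single glitched cycle can only remove one compare or branch; the two results must agree before the accept path is reached, and the reject path erases the key rather than just returning. Brown-out detection and the separate clock for sensitive operations are fuse and hardware settings and are not modelled here.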
32. Contribution to Sprite team
    • Got all flags from RPI using the AVR Dragon and High Voltage Parallel Programming (HVPP)
    • Hardening the hardware configuration (lock bits)

33. Contribution to Sprite team
    • Implementing clock glitching, and helped get all flags from vulnerable designs.

34. References
    • Gomes, Ricardo, "Practical Analysis of Embedded Microcontrollers against Clock Glitching Attacks", https://rgsilva.com/Bachelorarbeit.pdf
    • Riscure: https://www.riscure.com/documents/eu-16-timmers-bypassing-secure-boot-using-fault-injection.pdf?1479193246
    • NCC Group: https://www.blackhat.com/docs/eu-15/materials/eu-15-Giller-Implementing-Electrical-Glitching-Attacks.pdf
    • ChipWhisperer: https://wiki.newae.com
    • Die Datenkrake: https://github.com/ddk
    • AVR XMEGA datasheet: http://www.atmel.com/images/doc8077.pdf

35. Thank you