Advanced IC Reverse Engineering Techniques: In Depth Analysis of a Modern Smart Card

Presented at Black Hat USA 2015, Aug. 6, 2015, 3:50 p.m. (50 minutes).

Hardware attacks are often overlooked since they are generally considered to be complex and resource intensive. However certain industries, such as pay TV, are plagued by piracy and hardware counterfeits. The threat of piracy was so great that pay TV manufacturers were forced to create extensive countermeasures to protect their smartcards in the field.

One of the most effective countermeasures is to implement parts or all of their proprietary algorithms in hardware. To analyze proprietary hardware implementations additional analysis techniques are necessary. It is no longer sufficient to follow individual signals on the chip. Instead, full extraction and analysis of the device's netlist is necessary.

This talk will focus on a case study of a widely-used pay TV smartcard. The card includes extensive custom hardware functions and has yet to be compromised after over 5 years in the field.

This talk will demonstrate the tools and techniques necessary for successfully performing the analysis of such a target. The research highlights the capabilities of advanced analysis techniques. Such techniques also make analysis significantly more efficient, reducing the time required for a study from many months to a few weeks.


Presenters:

  • Olivier Thomas - Texplained
    Olivier Thomas studied electrical engineering and subsequently worked for a major semiconductor manufacturer designing analog circuits. Subsequently, Olivier began to work in the field of Integrated Circuit (IC) security as the head of one of the worlds leading IC Analysis Labs. The lab primarily focused on securing future generation devices as well as developing countermeasures for current generation devices to combat piracy and counterfeiting. During this time, Olivier helped develop many new and novel techniques for semi-and fully-invasive IC analysis. He has an extensive background in all the Failure Analysis techniques and equipment necessary for accessing vulnerable logic on a target device. Combined with his experience as an IC design engineer, Olivier continues to develop techniques for automating the analysis process. These techniques are not only applicable to lower-complexity devices, such as smartcards, which are the traditional targets for IC analysis, but they are applicable to modern semiconductor devices with millions of gates, such as modern System-on-Chips (SoCs). Olivier is the author of ARES (Automated Reverse Engineering Software), a software toolchain for the efficient analysis of complex designs. He is the founder and head of hardware security at Texplained SARL.

Links:

Similar Presentations: