Presented at
Black Hat USA 2019,
Aug. 7, 2019, 2:40 p.m.
(50 minutes).
All smart devices, from cars to IoT, are based around processors. Often these processors are not considered as part of the threat model when designing a product; instead, there is an implicit trust that they just work and that the security features in the data-sheet do what they say. This is especially problematic when the processors are used for security products, such as bitcoin wallets, cars, or authentication tokens.
In this presentation we will take a look at using fault injection attacks to break some of the most popular IoT processors - using less than $100 USD of equipment.
We will also release software & hardware tools to do so.
Presenters:
-
Thomas Roth / stacksmashing
- Founder, Keylabs
as Thomas Roth
Thomas Roth is a security researcher and founder of leveldown security. His main focus is on mobile and embedded systems with published research on topics like TrustZone, payment terminals, and embedded security. In recent years, his main focus has been on critical infrastructure and communication, with published research on industrial control systems, industrial IoT devices and secure communication. In 2018, Thomas Roth and his research was named as one of the 30 under 30 in Technology by the Forbes Magazine and was named TCCA Young Engineer of the Year 2018.
-
Josh Datko
- Founder, Keylabs
Josh Datko is an embedded systems engineer, security researcher and former submarine officer. His published research includes a custom cellular hardware implant over a server's I2C bus and the first published account of glitching attacks against hardware wallets. He owns the embedded security consultancy Cryptotronix whose public contributions include Open Source Hardware cryptographic modules. He tells some pretty epic submarine stories.
Links:
Similar Presentations: