Fault injection, also known as glitch attacks, is a hardware hacking technique that has been successfully used to attack all kind of targets for more than 20 years. However, most of the security experts ignore about its existence or understates its risks. With the recent decrease on the tooling cost required to perform fault injection, these type of attacks have become affordable for the masses. At the same time, the generalization of secure coding practices and the rise of the IoT devices based on small SoCs is increasing the interest on these and other hardware attacks, as quite often nowdays they are the only resort to attack some electronic devices.
In this talk, we tell our war stories about performing fault injection attacks on a wide variety of devices used by different industries. Our real stories - a compendium of more than 10 years of experience as hardware security analysts - will cover the full spectrum what fault injection is about. We will be talking about shooting lasers, breaking military grade cryptography, unblocking locked devices, revealing the deepest secrets hidden in the hardware and much more. But not everything is lost for your electronic devices! We will also talk about how you can protect your hardware and software against these powerful attacks.