Hands-on Workshop on Fault Injection Attacks

Presented at Disobey 2023, Feb. 17, 2023, 2 p.m. (120 minutes).

Fault injection attacks are a physical attack technique used to induce vulnerabilities in otherwise trouble free code and hardware. This is done by altering the target's normal operating environment in an adversarial fashion. For instance, Electromagnetic Fault Injection (EMFI) directs a powerful electromagnetic pulse at a CPU to induce temporary faults. As a result, the code execution is occasionally diverted, and data may get corrupted. By controlling the fault timing, length, and power, as well as the injection scenario we can somewhat deterministically attack systems intended to be secure against attackers with physical access. Upon hearing about glitch attacks, most people wonder how practical these attacks really are. How much expertise is required, and how likely are they to succeed? In this session we will try and succeed doing these attacks on realistic practice targets. We do this without invasive modifications like de-capping, soldering or drilling. To accomplish this we use an EMFI tool called PicoEMP, which is affordable and easy to use. The workshop is open for all observers and listeners for a 30 minute intro lecture. After the introduction we will spend the remainder of session to conduct hands-on experiments. There is limited capacity for the hands-on hacking part. We have 7 pre-built EMFI devices and have a separate registration with an at cost sign-up fee. With the fee the device will be yours to take home and continue experimenting. Participants of the hands-on workshop should bring their own laptops. Details about the registration and supplemental materials are provided at https://faultattack.github.io/

Presenters:

• Joona Kannisto - Staff Security Engineer at Qualcomm
  At work, Joona works on securing low level software on mobile chips. The best moments in security work are when previously held beliefs and assumptions about what is possible break down.
• Tomi Koski - Visma, Red (read: Purple) Teamer
  Tomi Koski has been working with IT-systems for many moons, actually since (the wonderful) 1990's. He is passionate about anything related to security, combining both physical and virtual worlds. He is a constant learner and very curious person about life and bug bounties.https://public-exposure.inform.social/author/tomi-koski/
• Mika Kaustinen - Senior Researcher at Turku University of Applied Sciences
  Mika has been working with the microchips and low level software 30 years. Mika thinks he is also a pretty big hacker. Latest years he has worked as Senior Researcher at Turku University of Applied Sciences.Latest years he has worked as Senior Researcher at Turku University of Applied Sciences. https://www.turkuamk.fi/fi/turun-amk/yhteystiedot/4307/mika-kaustinen https://www.turkuamk.fi/fi/artikkelit/2991/vahan-kuin-nykyajan-vakoilua-mika-kaustinen-paatyi-nokian-opeista-turun-amkn-kyberturvallisuusasiantuntijaksi

Links:

• https://disobey.fi/2023/profile/fault_injection_attacks

Similar Presentations:

• REcon 2019 / MINimum Failure - Stealing Bitcoins with Electromagnetic Fault Injection
• May Contain Hackers (MCH2022) / Fault Injection on a modern multicore System on Chip
• DEF CON China 1.0 (2019) / Got To Glitch Them All: 10+ Years of War Stories Glitching Embedded and IoT Devices