The (Im)possibility of Hardware Obfuscation

Presented at The Last HOPE (2008), July 18, 2008, 10 a.m. (60 minutes)

This talk will discuss several different approaches to reverse engineering proprietary algorithms from hardware. It will focus on our mostly automated approach to reconstructing functionality by combining analysis of photos of chip structures with protocol analysis. Using these techniques, the Mifare RFID tags were hacked, which caused quite a bit of public discussion about proprietary cryptography and "security by obscurity". The cryptography of the Mifare tags has several vulnerabilities, including weaknesses in the random number generator and low resistance against brute-force attacks. Furthermore, statistical flaws of the cipher enable very practical key-recovery attacks. This presentation will show the whole range of attacks as well as some general techniques to improve cryptographic protocols so they are more resistant.


Presenters:

  • Karsten Nohl
    Karsten Nohl hacks hardware with folks at CCC and some of the Shmoos. He is currently finishing his PhD at UVA where his research bridges theoretical cryptography and hardware implementation. Some of his current projects deal with RFID crypto, privacy protection, and the value of information.
