Hackable Security Modules Reversing and exploiting a FIPS 140-2 lvl 3 HSM firmware

Presented at REcon Brussels 2017, Jan. 28, 2017, 3 p.m. (60 minutes)

From Web PKI and digital signatures to PCI-DSS and DNSSEC, a big part ofthe security industry currently depends on special cryptographic modulesto implement cryptography, the so called Hardware Security Modules(HSMs). Every certificate used in the web has been signed by a keystored inside an HSM, and every time a DNSSEC query is being validated,the root keys generated by such an HSM are being used.In this presentation, the security of such a device, the UtimacoSecurityServer, will be evaluated. Inside the device, a TexasInstruments TMS320C64x DSP can be found which performs all operations.The TMS320C64x DSP is an exotic architecture compared to the classicx86, x86_64, ARM, MIPS and other common architectures, due to its uniquefeatures, such as the multiple functional units, each having its ownassembly commands and the ability to execute multiple commands inparallel. This architecture, together with the ABI and a smallintroduction to the memory organization will be presented. The researchwill then mostly focus on the device’s firmware. Due to the inabilityof IDA pro to correctly disassemble the files, and the minimal number oftools for this architecture, the capstone disassembler has been extendedand the TMS320C64x architecture has been added. Finally, a vulnerabilityto the HSM’s firmware will be presented, together with the methodologythat was used in order to find the bug.



Similar Presentations: