Despite high-profile failures, there can be no doubt that embedded security is improving. Yet, several dark clouds loom on the horizon – including side channel attacks and fault attacks. For many, they remain vague and undefined, with complicated analysis required to understand if they are even applicable to a target of interest, yet alone how to perform the attack.
This talk introduces a new open-source tool, called ChipWhisperer-Lint, that will solve at least one of these problems. It can be used with the open-source ChipWhisperer hardware to completely automate finding power analysis attacks in arbitrary devices. The initial tool supports the AES algorithm, and five microcontrollers with AES hardware acceleration (which have not been previously broken) will be demonstrated to be vulnerable to side-channel power analysis. These attacks mean products relying on their encryption to protect critical secrets could be easily compromised (such as happened with the Philips Hue attack).
This tool extends Colin's previous work in making power analysis attacks accessible to every engineer with open-source hardware and software. This latest tool is a leap forward in accessibility and laziness, by removing even needing to truly understand how the attacks works. Now truly there can be no excuse for using insecure devices in your products, as finding specific side-channel power analysis vulnerabilities can be performed in a few minutes across a wide range of embedded devices.
Colin O'Flynn is an embedded designer turned hardware hacker, who started the open-source ChipWhisperer project. ChipWhisperer aims to bring side-channel power analysis and fault injection to every engineer & lab. He completed a PhD in electrical engineering at Dalhousie University on the topic of embedded security, and currently works at his start-up NewAE Technology, Inc. in Halifax, Canada.