Title: Low-cost Chip Microprobing

Abstract:

Security is moving deeper into hardware and so should security research.

This talks introduces microprobing, an old technique for snooping on data inside chips, and details a low-cost probing setup.

Hardened security chips protect secrets in an astonishing range of applications from payment and ID cards to car controllers to DRM-enabled gadgets like your smartphone. Extracting a device's firmware for analysis is not always feasible using software tools. This talk looks into a generic intrusive method to extracting code from silicon chips.

We discuss both the physical extraction setup and glitching tricks to make the chip spill out its entire content. On the physical setup, we look at documented attacks on smart card chip, derive a simplified setup for 'home laboratories', and touch on upcoming attack potential through advanced microprobing.

On the topic of chip glitching, we reiterate over the good old 'linear code extraction' attack that tricks the chip into accessing all corners of its memories.

The talk provides an introduction to aspiring chip hackers as much as a warning to solution designers that too much rely on hardware protection.

Speaker Bio:

Karsten Nohl is a cryptographer and security researcher.  His research interests include GSM security, RFID security and privacy protection. 

Recorded at the 29th Chaos Communication Congress (29c3), 27.12.2012, Hamburg Germany.

http://events.ccc.de/congress/2012/Fahrplan/events/5124.en.html