POWER ANALYSIS ATTACKS FOR CHEAPSKATES

Black Hat USA 2013

Presented by: Colin O'Flynn
Date: Wednesday July 31, 2013
Time: 11:45 - 12:45
Location: Roman 1 & 3

Power analysis attacks present a devious method of cracking cryptographic systems. But looking at papers published in this field show that often the equipment used is fairly expensive: the typical oscilloscope used often has at least a 1 GSPS sampling rate, and then various probes and amplifiers also add to this cost. What is a poor researcher to do without such tools? This presentation will give a detailed description of how to setup a power analysis lab for a few hundred dollars, one that provides sufficient performance to attack real devices. It's based on some open-source hardware & software I developed, and is small enough to fit in your pocket. This will be demonstrated live against a microcontroller implementing AES, with details provided so attendees can duplicate the demonstration. This includes an open-hardware design for the capture board, open-source Python tools for doing the capture, and open-source example attacks. Underlying theory behind side-channel attacks will be presented, giving attendees a complete picture of how such attacks work.

Colin O'Flynn

Colin O'Flynn has been working with embedded electronics for over ten years. His introduction to electronics began with a Radio Shack 30-in-1 kit, but since then he's moved on to a variety of embedded software and hardware projects. At a time he was involved in the open-source tool chain now used by Arudino, which transitioned into a job with Atmel as part of the low-power wireless division working on IEEE 802.15.4 devices. He has since returned to pursue his PhD at Dalhousie University in Halifax, Canada. He currently researches side-channel attacks on embedded cryptographic devices and has spoken at several conferences on topics around embedded security.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats