SLIDE 1 Defeating Secure Boot with EMFI
Ang Cui, PhD & Rick Housley {a|r}@redballoonsecurity.com
SLIDE 2
SLIDE 3 PROJECT
- Open-source project to democratize EMFI research
- 2 years of work so far
SLIDE 4 PROJECT
Disclaimer:
- BadFET-style EMFI research is hilariously dangerous. (but srsly. It’s dangerous)
- Licking any part of BadFET will almost certainly kill you.
SLIDE 5
Last year…
SLIDE 6 DISCLAIMER
- BADFET is very experimental
- BADFET uses voltage and current in INSTANT DEATH territory.
- PLEASE be careful, and experiment at your OWN RISK
SLIDE 7
SLIDE 8
SLIDE 9
SLIDE 10 We are jerks to Cisco Phones
Cisco 8861
SLIDE 11 Cisco 8861/8851
- Dual Core ARMv7
- Broadcom BCM11125
- Processor @ 1001MHz
- Secure Boot
SLIDE 12 Cisco 8861/8851
- Dual Core ARMv7
- Broadcom BCM11125
- Processor @ 1001MHz
- Secure Boot
2 orders of magnitude faster than any device in a previous EMFI attack
SLIDE 13 Boot ROM
- Small TrustZone API
- Init MMU, Clocks
- Load Stage 1 from FLASH -> DRAM
- Verify & Execute Stage 1
SLIDE 14
- Inits GPIO, pinmux, i2c, PMU, etc
- Load Stage 2 from NAND -> DRAM
- Verify & Execute Stage 2 (uBoot)
SLIDE 15
- Load VC4 & Kernel FLASH -> DRAM
- Verify VC4
- Execute VC4
- Verify Linux Kernel
- Execute Linux Kernel
SLIDE 16 SMC Service ID 0xE00013 RSA_DECRYPT
Does exactly what you think it does
SMC = Secure Monitor Call
SLIDE 17 SMC Service ID 0xE00013 RSA_DECRYPT
- Encrypted Data
- Buffer for decrypted data
SLIDE 18
SLIDE 19 Whelp
SLIDE 20 Phone does not take user input during boot
SLIDE 21 Phone does not take user input during boot
Get to uBoot console, defeat TrustZone
SLIDE 22
So…
SLIDE 23
So…
SLIDE 24
Invasive.
SLIDE 25
Not Scalable.
SLIDE 26
Shameful.
SLIDE 27
Wire, but without the wire?
SLIDE 28
SLIDE 29 ATLAS-I AKA TRESTLE
- SANDIA {1972 – 1991}
- 100 kV
- 5 Megavolts
- 100 nanosecond rise-time
SLIDE 30
Electro-Magnetic Fault Injection
SLIDE 33 Magnetic Field Generation Magnetic Field Induction
Faraday’s Law Ampere’s Law
SLIDE 34
SLIDE 35
Power + Speed + Coil SUPER SECRET EMP FORMULA
SLIDE 36
SLIDE 37 Magnetic microprobe design for EM fault attack
Omarouayache, R and Raoult, J and Jarrix, S and Chusseau, L and Maurine, P
Biot-Savart Law
SLIDE 38 Magnetic microprobe design for EM fault attack
Omarouayache, R and Raoult, J and Jarrix, S and Chusseau, L and Maurine, P
SLIDE 39 Maths
The Finite Element Method in Electromagnetics, Jian-Ming Jin
SLIDE 40
It’s been done…
SLIDE 41 Amine Dehbaoui, Jean-Max Dutertre, Bruno Robisson and Assia Tria
- S. Ordas · L. Guillaume-Sage · P. Maurine
SLIDE 42
- S. Ordas · L. Guillaume-Sage · P. Maurine
Yu-ichi Hayashi, Naofumi Homma, Takaaki Mizuki, Takafumi Aoki, and Hideaki Sone
SLIDE 43
SLIDE 44
SLIDE 45
SLIDE 46 Cisco 8861/8851
- Dual Core ARMv7
- Broadcom BCM11125
- Processor @ 1001MHz
- Secure Boot
SLIDE 47
SLIDE 48
SLIDE 49
SLIDE 50
SLIDE 51
SLIDE 52
SLIDE 53 Example Second-Order EMFI Attack
- Indiscriminate of DATA
- CODE integrity is preserved in ICACHE
- Cause error-handling code to process corrupted data
SLIDE 54 Fault Conditions
We like writing data dependent fault handlers
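The failure mode on the slide above, as an added example that is not from the talk or the BADFET project: a boot stage whose error handler takes its decision from the data that just failed verification, beside a fail-closed handler. The image layout, the `on_fail` flag, the checksum stand-in and all names are hypothetical, and the fault is modeled as a plain memory overwrite.

```c
#include <stdint.h>
#include <string.h>

#define STAGE_MAGIC 0x53544732u   /* constructed value, not from the slides */
#define PAYLOAD_MAX 32u

/* Hypothetical next-stage image as it sits in DRAM after the load step. */
struct stage_image {
    uint32_t magic;
    uint32_t len;                 /* payload length claimed by the image */
    uint32_t checksum;            /* stand-in for the real signature check */
    uint8_t  on_fail;             /* bit 0: "open recovery console on error" */
    uint8_t  payload[PAYLOAD_MAX];
};
enum boot_result { BOOT_OK, BOOT_HALT, BOOT_CONSOLE };

static int verify(const struct stage_image *img) {
    uint32_t sum = 0;
    if (img->magic != STAGE_MAGIC || img->len > PAYLOAD_MAX) return 0;
    for (uint32_t i = 0; i < img->len; i++) sum += img->payload[i];
    return sum == img->checksum;
}

/* Data-dependent: the error path is steered by the buffer that just failed. */
enum boot_result boot_data_dependent(const struct stage_image *img) {
    if (verify(img)) return BOOT_OK;
    return (img->on_fail & 1u) ? BOOT_CONSOLE : BOOT_HALT;
}

/* Fail-closed: the error path reads nothing from the failed image. */
enum boot_result boot_fail_closed(const struct stage_image *img) {
    return verify(img) ? BOOT_OK : BOOT_HALT;
}

/* Constructed sample: a valid image that asks for HALT on error. */
struct stage_image sample_image(void) {
    return (struct stage_image){ STAGE_MAGIC, 4, 10, 0, { 1, 2, 3, 4 } };
}

/* Indiscriminate data fault: every byte in DRAM changes, the code does not. */
struct stage_image faulted_image(void) {
    struct stage_image img;
    memset(&img, 0xFF, sizeof img);
    return img;
}

int main(void) {   /* exit status 0 when the handlers diverge as described */
    struct stage_image bad = faulted_image();
    return boot_data_dependent(&bad) != BOOT_CONSOLE || boot_fail_closed(&bad) != BOOT_HALT;
}
```

The valid image boots under both handlers; only the data-dependent one changes behaviour when the buffer is corrupted.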
SLIDE 55
Fault Conditions
SLIDE 56
Fault Conditions
SLIDE 57
Let’s Build Our Own EMP
SLIDE 58 Widowmaker
SLIDE 59
SLIDE 60
After the death of many Raspberry PI’s… And lots of loud bangs… Decided to take a break
SLIDE 61
Rick knows how electrons work better than me
SLIDE 62
Rick is either incredibly brave. Or…
SLIDE 63
HAY RICK!
SLIDE 64
PROJECT
SLIDE 65
- Fast pulsing
- Multiple pulses
- Larger Distance (no decapping)
- Cheaper
- Controllable/Standalone
SLIDE 66
Went through many versions of BADFETs
SLIDE 67
SLIDE 68
SLIDE 69
SLIDE 70
SLIDE 71
SLIDE 72
SLIDE 73
SLIDE 74
SLIDE 75
SLIDE 76
SLIDE 77
SLIDE 78
SLIDE 79
SLIDE 80
SLIDE 81
SLIDE 82
SLIDE 83
SLIDE 84
SLIDE 85 Some mistakes are more precious than others
SLIDE 86
OCTALBAD
SLIDE 87
KILOBAD
SLIDE 88
KILOBAD
SLIDE 89
v1.0!
SLIDE 90
SLIDE 91
SLIDE 92
BADFET’s relationship with Magic Smoke
SLIDE 93
SLIDE 94
SLIDE 95
SLIDE 96
SLIDE 97
SLIDE 98
SLIDE 99
SLIDE 100
SLIDE 101
SLIDE 102 Additional problems
- Need intelligent board design for high speed designs, etc.
SLIDE 103 Parallel! – nope –(
Class D voltage-switching MOSFET power amplifier, Kazimierczuk, Marian K
SLIDE 104
SLIDE 105
SLIDE 106 Features
- Programmable + Debug (SWD)
- Scriptable
- Microsecond Pulse Time
- 350 Volts (Current Configuration)
- 10 Microsecond Recharge Time (Current Configuration)
- Child Friendly
- Adult Friendly
- Safe
Please just don’t use it
SLIDE 107
SLIDE 108
SLIDE 109 Magnetic Microprobe Design for EM Fault Attack
- R. Omarouayache, J. Raoult, S. Jarrix, L. Chusseau
SLIDE 110
Automate!
SLIDE 111
SLIDE 112
SLIDE 113
SLIDE 114
The following slides are videos. Please visit the gitlab /docs to view these.
SLIDE 116
SLIDE 118
SLIDE 120
SLIDE 122
SLIDE 123
Let’s Do This.
SLIDE 124
SLIDE 125 {R|A}@redballoonsecurity.com
www.github.com/RedBalloonShenanigans/BADFET
SLIDE 126
Safety
- At LEAST Class 1 Insulating gloves (7500 VAC, 15,000 VDC). MAKE SURE THEY FIT
- Eye Protection
- Fire Extinguisher
- Common Sense