|![[Search]](https://talks.cam.ac.uk/images/search.gif?1209136071)
|![[A-Z Index]](https://talks.cam.ac.uk/images/az.gif?1209136071)
|![[Contact]](https://talks.cam.ac.uk/images/contact.gif?1209136071)
||![[University of Cambridge]](https://talks.cam.ac.uk/images/identifier2.gif?1209136071){kind=small} |
COOKIES: By using this website you agree that we can place Google Analytics Cookies on your device for performance monitoring. | ![[Talks.cam]](https://talks.cam.ac.uk/images/talkslogosmall.gif?1209136071) |
University of Cambridge > Talks.cam > Computer Laboratory Security Seminar > Bumping attacks: the affordable way of obtaining chip secrets
Bumping attacks: the affordable way of obtaining chip secretsAdd to your list(s) Download to your calendar using vCal
If you have a question about this talk, please contact Wei Ming Khoo. This talk presents a new class of fault injection attacks called bumping attacks. These attacks are aimed at data extraction from secure embedded memory, which usually stores critical parts of algorithms, sensitive data and cryptographic keys. As a security measure, read-back access to the memory is not implemented leaving only authentication and verification options for integrity check. Verification is usually performed on relatively large blocks of data, making a brute force searching infeasible. I will evaluate memory verification and AES authentication schemes used in secure microcontrollers and a highly secure FPGA . By attacking the security in three steps, the search space can be reduced from infeasible 2 to the 100 to affordable 2 to the 15 guesses per block of data. This development was achieved by finding a way to preset certain bits in the data path to a known state using semi-invasive optical bumping. Further improvements to these attacks involved using non-invasive power glitching technique for the secure microcontroller. Partial reverse engineering of the FPGA made bumping attacks possible via the use of non-invasive threshold voltage alteration combined with power glitching. Research into positioning and timing dependency showed that Flash memory bumping attacks are relatively easy to carry out. This talk is part of the Computer Laboratory Security Seminar series. This talk is included in these lists:
Note that ex-directory lists are not shown. |
Other listsSequencing Workshop J ARClub TalksOther talks100 Problems around Scalar Curvature Using single-cell technologies and planarians to study stem cells, their differentiation and their evolution Improving on Nature: Biotechnology and the Ethics of Animal Enhancement Saving the People of the Forest: one chocolate bar and one nebulizer treatment at a time Chains and Invisible Threads: Marx on Republican Liberty and Domination The Fyodorov-Bouchaud conjecture and Liouville conformal field theory A transmissible RNA pathway in honeybees The Rise of Augmented Intelligence in Edge Networks The Gopakumar-Vafa conjecture for symplectic manifolds Structural basis for human mitochondrial DNA replication, repair and antiviral drug toxicity 'Honouring Giulio Regeni: a plea for research in risky environments' A Bourdiesian analysis of songwriting habitus |
Tuesday 07 December 2010, 16:15-17:15