Advanced Hardware Attacks with the ChipWhisperer® Hands-On Side Channel Analysis & Fault Injection (3 days)
Course Objectives
This 3-days
course takes you through Side-Channel Power Analysis, and Fault Injection
Attacks on embedded systems (32-bit Arm Cortex M3/M4 as well as 8-bit
XMEGA).
This course concentrates on low-level embedded systems such as found in many IoT devices, as well as boot ROM and similar code. However, the techniques are directly applicable to other microcontrollers/Microprocessors and even FPGAs.
Results of such attacks include recovering encryption keys with DPA, bypassing security checks, bypassing password checks, and more. Students leave the course with a ChipWhisperer setup they keep, meaning they can continue to experiment with the provided material, and then apply it to their own targets after the course has completed.
Side-Channel Power Analysis - that freaky method of extracting secret keys from embedded systems that doesn´t rely on exploits or coding errors. It can be used to read out an AES-128 key in less than 60 seconds from a standard implementation on a small microcontroller.
Are your products vulnerable to such an attack? This course is loaded with hands-on examples to teach you not only about the attacks and theories, but how to apply them.
Fault Injection Attacks - can you even trust your hardware? This training will cover fault injection attacks (also known as glitch attacks) on embedded systems. These attacks allow you to entirely bypass security mechanisms, dump memory over communication interfaces, and wreak havoc for fun and profit.
The course uses the open-source ChipWhisperer project (www.chipwhisperer.com) for both hardware & software tools, meaning attendees can immediately take the knowledge learned in this course and apply it in real life. The course includes a ChipWhisperer-Lite or Nano, so students walk away with the hands-on hardware used during the lab.
During the three-days course, topics covered will include: theory behind side-channel power analysis (SPA, DPA, CPA, TVLA), measuring power in existing systems, setting up the ChipWhisperer hardware & software, understanding leakage detection, the theory and practice of Fault Injection techniques, and analyzing your own hardware.
Using many hands-on labs, students will use the ChipWhisperer hardware to walk through attacks on software AES, hardware AES, password checks, RSA, and more.
Side Channel Power Analysis has never been more accessible and testing your products has never been this inexpensive or easy.
This course concentrates on low-level embedded systems such as found in many IoT devices, as well as boot ROM and similar code. However, the techniques are directly applicable to other microcontrollers/Microprocessors and even FPGAs.
Results of such attacks include recovering encryption keys with DPA, bypassing security checks, bypassing password checks, and more. Students leave the course with a ChipWhisperer setup they keep, meaning they can continue to experiment with the provided material, and then apply it to their own targets after the course has completed.
Side-Channel Power Analysis - that freaky method of extracting secret keys from embedded systems that doesn´t rely on exploits or coding errors. It can be used to read out an AES-128 key in less than 60 seconds from a standard implementation on a small microcontroller.
Are your products vulnerable to such an attack? This course is loaded with hands-on examples to teach you not only about the attacks and theories, but how to apply them.
Fault Injection Attacks - can you even trust your hardware? This training will cover fault injection attacks (also known as glitch attacks) on embedded systems. These attacks allow you to entirely bypass security mechanisms, dump memory over communication interfaces, and wreak havoc for fun and profit.
The course uses the open-source ChipWhisperer project (www.chipwhisperer.com) for both hardware & software tools, meaning attendees can immediately take the knowledge learned in this course and apply it in real life. The course includes a ChipWhisperer-Lite or Nano, so students walk away with the hands-on hardware used during the lab.
During the three-days course, topics covered will include: theory behind side-channel power analysis (SPA, DPA, CPA, TVLA), measuring power in existing systems, setting up the ChipWhisperer hardware & software, understanding leakage detection, the theory and practice of Fault Injection techniques, and analyzing your own hardware.
Using many hands-on labs, students will use the ChipWhisperer hardware to walk through attacks on software AES, hardware AES, password checks, RSA, and more.
Side Channel Power Analysis has never been more accessible and testing your products has never been this inexpensive or easy.
General Information
Prerequisites
Students are
expected to be familiar with both C and Python (in-depth experience is not
required, but knowledge of general syntax and how to build programs in both).
Duration & Attendance
Online Training on May 18-21.5 + 25-26.5 (6 half days)
Target Audience
The course is suited for both Software and Hardware Engineers.
However, it is recommended that students should have a general background in embedded design or minimum hardware knowledge.
Additional Information
Teaching Methods & Tools
- Hardware: ChipWhisperer Lite/Nano (kept by the participant once class is done)
- Slides & Documentation used during the class (not open source, non-distributable)
- VMWare image & Software Tools (all tools are open source, distributable)
- Example capture traces (distributable)