Hardware Side Channel attacks on the cheapest
Hardware attacks such as side-channel analysis and fault injection have become more and more accessible in recent years, but the barrier to entry remains perceived as high. We show that these attacks can not only be done outside a security lab - as shown by previous work such as ChipWhisperer and CheapSCAte - but that in fact you need only a handful of absurdly cheap components. Of course, we’re not talking about attacks on high-security products such as high-end smartcards, but it’s more than enough to bypass security mechanisms and obtain encryption keys from typical IoT devices. By applying a powerful mixture of ignorance and open source tooling, anyone can pull off these attacks with little equipment - and just the knowledge you’ll gain from this talk.
IoT devices often do not consider Fault Injection and Side Channel attacks in their threat model. The price of the equipment needed as well as the knowledge required for these attacks is considered out of reach of ‘at-home’ hackers, and perhaps not that interesting for skilled and funded attackers. We show that anyone can perform these attacks at home with less than $5 of equipment. By using open-source tooling, you can quickly and efficiently perform attacks such as differential power analysis and fault analysis. We also discuss the impact of such attacks, which allow end-users to cheaply bypass security mechanisms and obtain encryption keys from lower-end devices including many IoT devices, and touch upon what can be done to defend against them.