Sadeghi, Ahmad-Reza ; Mitev, Richard ; Saß, Marvin (2022)
Oops..! I Glitched It Again! How to Multi-Glitch the Glitching-Protections on ARM TrustZone-M.
25th Black Hat USA. Las Vegas, USA (06.-11.08.2022)
Konferenzveröffentlichung, Bibliographie
Kurzbeschreibung (Abstract)
Fault Injection (FI), also referred to as Glitching, has proven to be a severe threat to real-world computing devices. In this kind of attack, physical faults are injected into a device at runtime, to deliberately alter the target's behavior. In order to address this threat, various countermeasures have been proposed to counteract the different types of fault injection methods at different abstraction layers, either requiring modifying the underlying hardware or firmware at the machine instruction level.
Moreover, only recently, individual chip manufacturers have started to respond to this threat by integrating certain countermeasures in their products. Multiple Fault Injection (MFI) could theoretically be used against instruction-level based countermeasures, however, as stated by previous work conducting those attacks are considered highly impractical due to the lack of precise MFI tools and efficient parameter search algorithms.
In this presentation, we showcase μ-Glitch, the first FI platform dedicated to injecting multiple, coordinated voltage faults into a target device. We'll show a novel flow for MFI attacks to significantly reduce the search complexity for fault parameters, as otherwise, the search space increases exponentially with each additional fault to be injected. After that, we'll show the effectiveness and practicality of the attack platform on two real-world systems, featuring TrustZone-M: The first one has interdependent backchecking mechanisms, while the second has additionally integrated countermeasures against fault injection. It will be revealed that μ-Glitch can successfully inject four consecutive successful faults within an average time of one day.
| Typ des Eintrags: | Konferenzveröffentlichung |
|---|---|
| Erschienen: | 2022 |
| Autor(en): | Sadeghi, Ahmad-Reza ; Mitev, Richard ; Saß, Marvin |
| Art des Eintrags: | Bibliographie |
| Titel: | Oops..! I Glitched It Again! How to Multi-Glitch the Glitching-Protections on ARM TrustZone-M |
| Sprache: | Englisch |
| Publikationsjahr: | 11 August 2022 |
| Veranstaltungstitel: | 25th Black Hat USA |
| Veranstaltungsort: | Las Vegas, USA |
| Veranstaltungsdatum: | 06.-11.08.2022 |
| URL / URN: | https://www.blackhat.com/us-22/briefings/schedule/index.html... |
| Kurzbeschreibung (Abstract): | Fault Injection (FI), also referred to as Glitching, has proven to be a severe threat to real-world computing devices. In this kind of attack, physical faults are injected into a device at runtime, to deliberately alter the target's behavior. In order to address this threat, various countermeasures have been proposed to counteract the different types of fault injection methods at different abstraction layers, either requiring modifying the underlying hardware or firmware at the machine instruction level. Moreover, only recently, individual chip manufacturers have started to respond to this threat by integrating certain countermeasures in their products. Multiple Fault Injection (MFI) could theoretically be used against instruction-level based countermeasures, however, as stated by previous work conducting those attacks are considered highly impractical due to the lack of precise MFI tools and efficient parameter search algorithms. In this presentation, we showcase μ-Glitch, the first FI platform dedicated to injecting multiple, coordinated voltage faults into a target device. We'll show a novel flow for MFI attacks to significantly reduce the search complexity for fault parameters, as otherwise, the search space increases exponentially with each additional fault to be injected. After that, we'll show the effectiveness and practicality of the attack platform on two real-world systems, featuring TrustZone-M: The first one has interdependent backchecking mechanisms, while the second has additionally integrated countermeasures against fault injection. It will be revealed that μ-Glitch can successfully inject four consecutive successful faults within an average time of one day. |
| Zusätzliche Informationen: | Die Arbeit wird auf dem kommenden renommierten „32nd USENIX Security Symposium“ im August 2023 unter dem Titel „Oops …! I Glitched It Again! How to Multi-Glitch the Glitching-Protections on ARM TrustZone-M” vorgestellt. |
| Fachbereich(e)/-gebiet(e): | 20 Fachbereich Informatik 20 Fachbereich Informatik > Systemsicherheit Profilbereiche Profilbereiche > Cybersicherheit (CYSEC) |
| Hinterlegungsdatum: | 12 Okt 2022 08:16 |
| Letzte Änderung: | 11 Okt 2023 06:54 |
| PPN: | |
| Export: | |
| Suche nach Titel in: | TUfind oder in Google |
 |
Frage zum Eintrag |
Optionen (nur für Redakteure)
 |
Redaktionelle Details anzeigen |
Drucken
Impressum