extracting secrets from an embedded chip

Posted by Will on Stack Overflow See other posts from Stack Overflow or by Will
Published on 2010-06-07T08:08:03Z Indexed on 2010/06/07 8:12 UTC
Read the original article Hit count: 329

Filed under:
|

I am looking at an embedded system where secrets are stored in flash that is internal to the chip package, and there is no physical interface to get that information out - all access to this flash is policed by program code.

All DMA attacks and JTAG and such are disabled. This seems to be a common locked-down configuration for system-on-a-chip.

How might an attacker recover the secrets in that Flash?

I understand they can fuzz for vulnerabilities in the app code and exploit it, that there could be some indistinct general side channel attack or something.

But how would an attacker really go about trying to recover those keys? Are there viable approaches for a determined attacker to somehow shave-down the chip or some kind of microscope attack?

© Stack Overflow or respective owner

Related posts about security

Related posts about microchip