Fault Injection Attacks on Secure Boot

Explore fault injection attacks on secure boot systems in this 27-minute conference talk from the Hack In The Box Security Conference. Delve into the vulnerabilities of standard embedded technology against hardware fault injection techniques, including power supply manipulation, electromagnetic pulses, and optical pulses. Learn how these attacks can compromise high-privilege code bases, particularly secure boot processes, potentially leading to system takeovers. Discover practical examples of fault injection attacks on embedded systems and their impact on secure boot. Gain insights into effective mitigation strategies for implementers to enhance system security against such attacks. Benefit from the expertise of Niek Timmers and Albert Spruyt, senior security analysts at Riscure, as they share their research on fault injection techniques, system-on-chip security, and the intersection of cryptography and hardware vulnerabilities.

Intro
A fault injection definition...
Fault injection techniques
Type of faults
Secure boot in reality
Why use a hardware attack?
Why (not) fault injection on secure boot?
Typical assets
Open source tooling
Commercial tooling
Fault injection setup
Hash comparison
Mitigations
Combined attack: Copy
Combined attack: Wild Jungle jump
Combined attacks - Summary
Attacker Practicalities
Conclusion