https://media.ccc.de/v/camp2023-57401-unlock_the_door_to_my_secrets_but_don_t_forget_to_glitch

Microcontrollers are used in numerous applications and even in security-relevant areas, for example in form of hardware security tokens or crypto wallets.
Hence, the non-volatile flash memory of microcontrollers contains sensitive assets such as cryptographic secrets or intellectual property, that need to be protected from being read out by adversaries.
In order to prevent illegal extraction through the integrated debug interface, dedicated protection features are in place.

In this talk, we take a look at an attack vector that we call *flash erase suppression*. This attack vector leverages that many microcontrollers allow to deactivate their debug interface protection under the condition that the entire flash memory is erased first.
The attack suppresses this mass erase with a glitch whereby its contents are preserved and accessible through the activated debug interface.
This type of attack was first presented by Schink et al. at CHES 2021, but only received little attention so far.

The talk provides an introduction to this attack vector and gives a foretaste of a comprehensive analysis that will be published soon.
The attack will be demonstrated live on stage with an exemplary microcontroller.

marc

https://pretalx.c3voc.de/camp2023/talk/AS9MQY/

#camp2023 #Milliways