Unlock the Door to my Secrets, but don’t Forget to Glitch
08-19, 14:00–14:20 (Europe/Berlin), Milliways
Language: English

Microcontrollers are used in numerous applications and even in security-relevant areas, for example in form of hardware security tokens or crypto wallets.
Hence, the non-volatile flash memory of microcontrollers contains sensitive assets such as cryptographic secrets or intellectual property, that need to be protected from being read out by adversaries.
In order to prevent illegal extraction through the integrated debug interface, dedicated protection features are in place.

In this talk, we take a look at an attack vector that we call flash erase suppression. This attack vector leverages that many microcontrollers allow to deactivate their debug interface protection under the condition that the entire flash memory is erased first.
The attack suppresses this mass erase with a glitch whereby its contents are preserved and accessible through the activated debug interface.
This type of attack was first presented by Schink et al. at CHES 2021, but only received little attention so far.

The talk provides an introduction to this attack vector and gives a foretaste of a comprehensive analysis that will be published soon.
The attack will be demonstrated live on stage with an exemplary microcontroller.

For several years, I have been doing hands-on research in embedded systems security at a research institute.