Glitches cause stitches! - DEF CON CON 25/DEF CON 25 presentations/DEFCON...Breaking...
Breaking Bitcoin Hardware Wallets
Glitches cause stitches!
Josh Datko, Chris Quartier, Kirill Belyayev
Updated: 2017/07/07
Link Drop!
All updated references, notes, links, can be found here:
https://www.cryptotronix.com/breakingbitcoin
The bug that started it all

    /* strcmp() returns at the first mismatching byte, so the run time
       depends on how many leading PIN characters are correct. */
    bool storage_is_pin_correct(const char *pin)
    {
        return strcmp(shadow_config.storage.pin, pin) == 0;
    }

On the STM32F205, when the first PIN character is wrong it returns in 100ns. When the fourth was wrong, it returned in about 1100ns.
If this was there, what else could we find?
Broken Window Theory for Bugs
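A comparison whose run time does not depend on where the first wrong character sits removes the timing signal described above. This is an added example, not code from the talk or from any wallet firmware; `pin_equal_ct`, `pad_fixed` and the `PIN_BUF` limit are assumptions made for illustration, and the compiled output should still be inspected because a compiler may reintroduce branches.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define PIN_BUF 10 /* assumption: PIN is at most 9 characters plus NUL */

/* Copy s into a zero-padded fixed-size buffer. The loop always runs PIN_BUF
 * times and never reads past the terminator. Returns 1 if s fit, else 0. */
static uint8_t pad_fixed(uint8_t out[PIN_BUF], const char *s)
{
    size_t idx = 0;
    uint8_t live = 1; /* 1 until the terminator has been seen */
    for (size_t i = 0; i < PIN_BUF; i++) {
        uint8_t c = (uint8_t)s[idx];
        uint8_t nz = (uint8_t)((c | (uint8_t)(0u - c)) >> 7); /* 1 iff c != 0 */
        live &= nz;
        out[i] = (uint8_t)(c & (uint8_t)(0u - live));
        idx += live; /* stop advancing once the terminator is reached */
    }
    return (uint8_t)(live ^ 1u);
}

/* Equality test whose running time does not depend on the position of the
 * first wrong character: every byte is always compared. */
bool pin_equal_ct(const char *stored, const char *candidate)
{
    uint8_t a[PIN_BUF], b[PIN_BUF];
    uint8_t fits = pad_fixed(a, stored) & pad_fixed(b, candidate);
    volatile uint8_t diff = 0;
    for (size_t i = 0; i < PIN_BUF; i++)
        diff |= (uint8_t)(a[i] ^ b[i]);
    return (diff == 0) & (fits == 1);
}

int main(void)
{
    /* Constructed sample PINs, not values from the talk. */
    printf("%d %d %d\n", pin_equal_ct("1234", "1234"),
           pin_equal_ct("1234", "9234"), pin_equal_ct("1234", "1239"));
    return 0;
}
```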
Initial Attack Plan
1. Send change_pin via Python.
2. Watch the return over USB–measure when the PIN failed.
3. Profit?!
Prevents retries with a busy wait loop.
Back off timer
ChipWhisperer [1]
This talk
Fault Attacks
Bitcoin Hardware Wallets
ChipWhisperer
One slide intro to Fault Attacks
Definition
An attack that applies an external stress on an electronic system, which generates a security failure [2].
Two Parts:
1. Fault Injection
   - Vcc glitching
   - Clock glitching
2. Fault Exploitation
   - Nicolas Bacca suggested glitching flash ops [3], we wanted to bypass the PIN as it was closer to ChipWhisperer examples.
Our Motivation
What happens when you apply the ChipWhisperer to the STM32F205 (F205)?
- Is the F205 vulnerable to fault injection?
- Is the TREZOR firmware exploitable via a fault?
- How do we raise awareness for these kinds of attacks?
We just press the glitch button right?
- Turns out, you can’t just shake the wallet and have BTC fall out.
- Requires some RE to determine voltages, test points, how to modify the firmware, etc.
- HW Wallets went OOS :(
Exhaust the supply chain
How to slow down attacks
The Fail Train Cometh
- Clock glitching kinda worked? It made Windows USB very sad :(
- Rebooting unsigned firmware is teh suck (buttons to press).
- Timing analysis was working, but power analysis with CW was not.
- Logic level conversion is proof that the singularity is far away.
- Lots of scotch.
Or why don’t we just make our own TREZOR?
F-it dude, let’s go bowling.
And now for something completely different
Before we get to the new hardware, we tried two other paths.
- De-scrambling the PIN via OpenCV to automate testing.
- Decapping the STM32F205
I spy with my little eye
Decap all the things!
We are silicon n00bs
- TBH, I just wanted a cool silicon pic for DEF CON :)
- Decapping-as-a-Service exists though (DangerousPrototypes)
- I asked smarter people about this:
  - Cheap images don’t tell you much.
  - Some interconnects are exposed.
  - Maybe flip bits during runtime?
All the decap pics are on the website.
Want more pics?
Breaking Bitcoin Board
- Fits the ChipWhisperer UFO format
- It is also a TREZOR clone.
- Through-hole XTAL for more fun :)
- On board glitch hardware to attack without a ChipWhisperer
Glitch on the cheap
A better setup
There’s always a Rev B
Loop, what loop?

    void glitch1(void)
    {
        // Some fake variable
        volatile uint8_t a = 0;
        putch('A');
        // Should be an infinite loop

        while (a != 2) {;}

        // Only reached if a fault breaks out of the loop above
        uart_puts("1234");
        while (1) {;}
    }

Ooof, that hurts

    void glitch_infinite(void)
    {
        char str[64];
        unsigned int k = 0;
        // This also adds lots of SRAM access
        volatile uint16_t i, j;
        volatile uint32_t cnt;
        while (1) {
            cnt = 0;
            trigger_high();
            trigger_low();
            for (i = 0; i < 200; i++) {
                for (j = 0; j < 200; j++) {
                    cnt++;
                }
            }
            // Without a fault this always prints "40000 200 200 <k>"
            sprintf(str, "%lu %d %d %d\n", cnt, i, j, k++);
            uart_puts(str);
        }
    }

O Password, My Password

    void glitch3(void)
    {
        // inp (the received password) and cnt are declared outside this excerpt
        char passwd[] = "touch";
        char passok = 1;
        for (cnt = 0; cnt < 5; cnt++) {
            if (inp[cnt] != passwd[cnt]) {
                passok = 0;
            }
        }
        if (!passok) {
            uart_puts("Denied\n");
            while (1);
        } else {
            uart_puts("Welcome\n");
        }

        led_error(1);
        led_error(1);
        led_error(1);
    }

Ok, how’d we do
- Is the F205 vulnerable to fault injection?
  - Absolutely, yes.
- Is the TREZOR firmware exploitable via a fault?
  - Maybe? We have thoughts on how to trigger but going from example to exploit takes some work still.
  - We talked to TREZOR and KeepKey about some issues.
- How do we raise awareness for these kinds of attacks?
  - While not quite an unlooper device, our PCB will help you find the BORE (Break Once Run Everywhere) attack.
Summary of Vulnerabilities
- STM32F205 is susceptible to fault attacks.
- KeepKey had a timing analysis bug on PIN verification.
- TREZOR (and all clones) did not enable Clock Security System in the MCU, allowing injection of clock faults.
- A few pieces of code that could be made more resilient.
Don’t lose physical control of your wallet. You really want to set PIN plus password.
Takeaway for wallet users
You will be glitched–can you trust your clock and VCC?
Takeaway for wallet designers
Defenses from Fault Attacks
Write code assuming you will be glitched! (Riscure RSA 2008) [4] and The Sorcerer’s Apprentice Guide to Fault Attacks.
- Don’t use 0 and not 0; use values with a large Hamming distance.
- Count your functions!
- Check for complete loop completion.
- Add random delay–makes triggering a bit harder.
- Check sensitive operations multiple times and compare results.
- Use multiple MCUs and check results?!
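Several of the defenses listed above, applied to a password check like the glitch3 target. This is an added example, not code from the talk or the ChipWhisperer project: `check_once`, `check_password` and the `AUTH_OK`/`AUTH_FAIL` constants are constructed for illustration, the input is assumed to hold at least `PW_LEN` bytes, and random delays and multi-MCU checks are left out.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed result codes: bitwise complements (Hamming distance 32), so no
 * stuck-at-0, stuck-at-1 or single-bit fault turns FAIL into OK. */
#define AUTH_OK   0x3CA5965Au
#define AUTH_FAIL 0xC35A69A5u
#define PW_LEN    5

/* One comparison pass. Returns AUTH_OK only if every byte matched and the
 * loop demonstrably ran all PW_LEN iterations. */
static uint32_t check_once(const uint8_t *inp, const uint8_t *ref)
{
    volatile uint32_t diff = 0;
    volatile size_t i, done = 0;
    for (i = 0; i < PW_LEN; i++) {
        diff |= (uint32_t)(inp[i] ^ ref[i]);
        done++;
    }
    if (i != PW_LEN || done != PW_LEN) /* loop skipped or cut short */
        return AUTH_FAIL;
    if (diff != 0)
        return AUTH_FAIL;
    return (diff == 0) ? AUTH_OK : AUTH_FAIL; /* second read of diff */
}

/* Callers must test `== AUTH_OK`; anything else is a failure. */
uint32_t check_password(const uint8_t *inp, const uint8_t *ref)
{
    volatile uint32_t steps = 0; /* counts completed sub-checks */
    volatile uint32_t r1 = AUTH_FAIL, r2 = AUTH_FAIL; /* fail closed */

    r1 = check_once(inp, ref); steps++;
    r2 = check_once(inp, ref); steps++;
    if (steps != 2 || r1 != AUTH_OK || r2 != AUTH_OK || (r1 ^ r2) != 0)
        return AUTH_FAIL;
    return AUTH_OK;
}

int main(void)
{
    const uint8_t ref[PW_LEN + 1] = "touch"; /* password from the slide */
    printf("%s\n", check_password((const uint8_t *)"touch", ref) == AUTH_OK
                       ? "Welcome" : "Denied");
    printf("%s\n", check_password((const uint8_t *)"torch", ref) == AUTH_OK
                       ? "Welcome" : "Denied");
    return 0;
}
```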
Live Demo!
Let’s see some glitches!!!
ChipWhisperer vs. STM32F205
Endnotes
[1] https://wiki.newae.com/File:Cwlite_basic.png
[2] Encyclopedia of Cryptography and Security, 2nd Edition.
[3] https://www.slideshare.net/EricLarcheveque/bitcoin-hardware-wallets-security
[4] https://cryptotronix.files.wordpress.com/2017/07/paper_side_channel_patterns.pdf