doc: add attack
parent
47528d2b7e
commit
bb15bbda72
README.rst | 12
@ -78,11 +78,21 @@ It has a hole to pass a string through and attach it to a key-chain you keep wit
This string also allows to easily unplug the device from the computer.
It is also recommended to draw on the back of the device, so it becomes unique and hard to tamper with unnoticed.
Obermaier and Tatschner [showed in 20179(https://www.usenix.org/system/files/conference/woot17/woot17-paper-obermaier.pdf) how to degrade the readout protection.
This involved decapsulating the chip, which would make it easy to see that the device has been tampered with once you added a drawing onto it.
Other side channel or fault injection attacks could exist to retrieve the key in a less destructive way.
Since the passkey is inexpensive, just toss it away and get a new one if you suspect it has been tampered with.
The other possibility would be for and attacker to intercept the device on the shipping way, extract the ID and corresponding manufacturer key, and programming them on a new chip, along with a malicious firmware.
This malicious device could still pass authentication.
To prevent this attack, you can manufacturer the passkey yourself.
The board design files and firmware source code are open and available.
The bill of material in around $2, and the parts can be hand soldered with little experience.
firmware
========
The devices is based on a [STM32F042F6P](https://www.st.com/en/microcontrollers-microprocessors/stm32f042f6.html) micro-controller.
The firmware uses [TinyUSB](https://github.com/hathach/tinyusb).
The firmware uses the [TinyUSB](https://github.com/hathach/tinyusb) USB stack.
The device comes locked, preventing it to be re-flashed.
I connected a DAPlink programmer to flash it, using the SWD test points on the back.
To compile and flash it:
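Review bot: the links added in this hunk use Markdown syntax (`[text](url)`) but the file is README.rst, where reStructuredText expects `` `text <url>`_ ``; as written they will render as literal brackets. The first link is also broken: `[showed in 20179(https://www.usenix.org/...obermaier.pdf)` has a mangled year and no closing bracket, and should read `showed in 2017`. Several wording slips in the added text should be fixed before merge: "for and attacker" -> "for an attacker", "and programming them on a new chip" -> "and program them on a new chip", "you can manufacturer the passkey yourself" -> "you can manufacture the passkey yourself", "The bill of material in around $2" -> "The bill of material is around $2", "The devices is based on" -> "The device is based on", and "preventing it to be re-flashed" -> "preventing it from being re-flashed".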