From bb15bbda72f03df5adf37c4efeee64ce609109d7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?King=20K=C3=A9vin?= Date: Thu, 18 Apr 2024 02:59:29 +0200 Subject: [PATCH] doc: add attack --- README.rst | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/README.rst b/README.rst index 855bd147a..dc0cfb880 100644 --- a/README.rst +++ b/README.rst 
@@ -78,11 +78,21 @@ It has a hole to pass a string through and attach it to a key-chain you keep wit This string also allows to easily unplug the device from the computer. It is also recommended to draw on the back of the device, so it becomes unique and hard to tamper with unnoticed. +Obermaier and Tatschner [showed in 20179(https://www.usenix.org/system/files/conference/woot17/woot17-paper-obermaier.pdf) how to degrade the readout protection. +This involved decapsulating the chip, which would make it easy to see that the device has been tampered with once you added a drawing onto it. +Other side channel or fault injection attacks could exist to retrieve the key in a less destructive way. +Since the passkey is inexpensive, just toss it away and get a new one if you suspect it has been tampered with. +The other possibility would be for and attacker to intercept the device on the shipping way, extract the ID and corresponding manufacturer key, and programming them on a new chip, along with a malicious firmware. +This malicious device could still pass authentication. +To prevent this attack, you can manufacturer the passkey yourself. +The board design files and firmware source code are open and available. +The bill of material in around $2, and the parts can be hand soldered with little experience. + firmware ======== The devices is based on a [STM32F042F6P](https://www.st.com/en/microcontrollers-microprocessors/stm32f042f6.html) micro-controller. -The firmware uses [TinyUSB](https://github.com/hathach/tinyusb). +The firmware uses the [TinyUSB](https://github.com/hathach/tinyusb) USB stack. The device comes locked, preventing it to be re-flashed. I connected a DAPlink programmer to flash it, using the SWD test points on the back. To compile and flash it:
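Review bot: the citation on the first added line is broken: `[showed in 20179(https://www.usenix.org/system/files/conference/woot17/woot17-paper-obermaier.pdf)` is missing the closing `]` after the link text, and the year reads "20179" where the woot17 URL indicates 2017, so it should be `[showed in 2017](https://www.usenix.org/...)`. Note also that README.rst is reStructuredText, in which Markdown `[text](url)` syntax does not render as a link; the pre-existing `[STM32F042F6P](...)` and `[TinyUSB](...)` links in the context lines have the same problem, so either switch to RST link syntax (`` `showed in 2017 <url>`_ ``) or rename the file to README.md. Several grammar slips in the added paragraph should be fixed before merging: "for and attacker to intercept the device on the shipping way" should read "for an attacker to intercept the device in transit", "and programming them on a new chip" should read "and program them onto a new chip", "you can manufacturer the passkey yourself" should read "you can manufacture the passkey yourself", and "The bill of material in around $2" should read "The bill of materials is around $2". Finally, the threat model as written mixes two attacks with different mitigations and would be clearer if it said so explicitly: the drawing on the case only helps detect decapsulation if the user applies it on receipt, before the device could be taken and returned, and building the passkey yourself addresses the interception-in-shipping attack but not a readout-protection attack on a device that is later taken from the user, which is the case the "toss it away" advice covers.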