… "The first of two versions of the RayV Lite will focus on laser fault injection (LFI). This technique uses a brief blast of light to interfere with the charges of a processor’s transistors, which could flip them from a 0 value to a 1 value or vice versa. Using LFI, Beaumont and Trowell have been able to pull off things like bypassing the security check in an automotive chip’s firmware or bypassing the PIN verification for a cryptocurrency hardware wallet.

The second version of the tool will be able to perform laser logic state imaging. This allows snooping on what’s happening inside a chip as it operates, potentially pulling out hints about the data and code it’s handling. Since this data could include sensitive secrets, LSI is another dangerous form of hacking that Beaumont and Trowell hope to raise awareness of." …

  • A_A@lemmy.worldOP
    link
    fedilink
    English
    arrow-up
    5
    ·
    5 months ago

    Safeguards against LSi may include :
    Sensor-based detection ?
    Error detection and correction ?
    Redundancy and duplication ?
    Shielding // physical + chemical protection ?
    Anti-tamper mechanisms ?
    Randomization and noise injection ?

    • solrize@lemmy.world
      link
      fedilink
      English
      arrow-up
      11
      ·
      5 months ago

      Chapter from “Security Engineering” (2nd ed) about physical tamper resistance:

      https://www.cl.cam.ac.uk/~rja14/Papers/SEv2-c16.pdf

      It’s been ages since I read it so idr how much of it was at chip level. Really high end stuff have the secure chips in a tamper reactive enclosure so it’s difficult to get to them without first erasing the contents. The chapter discusses that ;).

      • A_A@lemmy.worldOP
        link
        fedilink
        English
        arrow-up
        5
        ·
        5 months ago

        Because this is not my domain of expertise and I seek comments from other people.