[NIIBE Yutaka] STM32F103 flash ROM read-out service

[NdK]

Il 06/06/2018 17:49, Tom Li via Gnuk-users ha scritto:

> BTW, BasicCard and JavaCard seemed even more obscure and I cannot find
> any public service of cracking.
Because those are (at least should be) based on secure chips.

> But it does not solve any real problem in the perspective of cryptography.
> They are all "security through obscurity" at best, just driving out script
> kiddies (or equipment kiddies?) at worst.
The only secure (even against decapping attacks) device I know of is a
very old parallel-port "key" a friend described me ~25y ago.
It was made of 3 silicon layers: the outer ones only contained interface
circuits and 'randomness' while the keys and the logic were in the
central layer. Trying to remove the outer layers destroyed the random
patterns that were used as 'internal master key', rendering the rest
completely useless.
IIRC some recent chips reused (partially) that idea, rebranded under
"Physically Unclonable" something.
Yep... Found:
https://community.cadence.com/cadence_blogs_8/b/breakfast-bytes/posts/secret-key-generation-with-physically-unclonable-functions
(but looking for "physically unclonable chip" returns lots of results).
Those chips work on the same principle: decapping alters the silicon
layers and the 'random id' changes before the attacker have a chance to
read it.

> As I have said in the gnuk-users list, the only way to solve this problem
> is using something like a secure chip, a TPM, or a cryptography coprocessor.
> It is very important, but the free software community never trusted these
> devices, because they can be used to carry out "trusted computing" vendor
> lock-in, implement DRM, implant backdoors, etc.
Then we should all use RISC-V chips :)

> Now I have plans to experiment with the ATECC508A chip by Atmel, if I have time.
> It looks like a simple security chip with full specs, and suitable to be used with
> Gnuk. The datasheet is interesting, see
> [5] http://ww1.microchip.com/downloads/en/DeviceDoc/20005927A.pdf
Too bad neither ETECC508A nor ATECC608A support curve25519 :( Only some
NIST ones.

> Also, the TPM chips found on x86 systems are really underestimated by the
> Free Software community, since it's a mass-produced commodity chip with full
> spec available.
Well, at least some TPM 1.2 chips have already been cracked.

> To prevent the chip becoming a single point of failure, we can implement
> "split-secret" or "double-encryption" scheme. This allows us to use the security
> chip in a trustless manner - a offline attacker needs to break both STM32F1
> and the security chip, before getting access to the key material. No matter
> what have happened to the chip, the key is still as secure as the original
> STM32F1 + KDF-DO.
Yes, but you risk having very long delays, that could even be
unacceptable. Unless there's a way to parallelize the operations (say
'do more KDF iterations while the chip is decoding').

> All to be said, we don't really know if the "STM32 Cracking" service really
> works. Perhaps we can launch a funding campaign to accept donations, and
> find one company to actually pay them to attack our existing Gnuk systems,
> and see if they can recover the encrypted data from ROM.
I'd bet it works as described in the offers.

BYtE,
 Diego