[NIIBE Yutaka] STM32F103 flash ROM read-out service

NIIBE Yutaka gniibe at fsij.org
Thu Jun 7 14:35:41 CEST 2018

I wrote:
> And... when you use a "secure" chip, how can you measure their claim to
> be "secure"?  In my opinion, it should be possible to be evaluated by
> independent party.

NdK <ndk.clanbo at gmail.com> wrote:
> You can choose the standard for having the device certified. And define
> the exact attack scenario. Then pay. A lot, usually. :(

I know something called "Protection Profile" or certification which is
required to offer devices to government.

Protection Profile: Eurosmart PP/9806, SSVG-PP of BSI, or JICSAP PP/0301.

Or, FIPS140-2 and FIPS140-2 DTR would be interesting document.

Or, we have Common Criteria for Information Technology Security

IMNSHO, those certification assume (and allow) proprietary technology.
And evaluation for certification is too rough (for me).

For example, many side channel attacks have been invented.

BTW, I know a company in Japan which offers a service to decap a IC chip
and to repair somthing by FIB in two days.  I don't know how much does
it cost.  If the read-out from flash method to STM32F103 is modifying
protection bit and simply use JTAG/SWD debugger, it takes two days +

More information about the Gnuk-users mailing list