CRC Seminar Series - Cristofaro Mune, Niek Timmers

Title:

Espressif ESP32: Bypassing unbreakable crypto using FI!

Abstract:

Modern secure devices support Secure Boot in order to assure the integrity and confidentiality of the software that's executed. Even if the authentication would by passed, the enforced decryption could still prevent an attacker from execution arbitrary code as the decryption key is not known. Using a Differential Fault Analysis (DFA) or Side-Channel Analysis (SCA) attack, it may be possible to recover the cryptographic key that's used by the Encrypted Secure Boot feature.
Interestingly, fault attacks can also be used to bypass Encrypted Secure Boot using easier methods than DFA or SCA attacks. In this presentation, we explain, step-by-step, how we bypassed the hardware-based Encrypted Secure Boot implementation of the ESP32 SoC using a single EM glitch, without any knowledge of the decryption key. Using this attack, where we exploited multiple (hardware) vulnerabilities, we were able to execute arbitrary code and extract the plain-text data stored in external flash.