Search


  • Categories


  • Archives

    « Home

    Computerworld: Researcher claims hack of chip used to secure computers, smartcards

    Computerworld reports news affecting privacy from the Black Hat security conference in Washington, D.C.:

    A researcher with expertise in hacking hardware Tuesday detailed at the Black Hat DC conference how it’s possible to subvert the security of a processor used to protect computers, smartcards and even Microsoft’s Xbox 360 gaming system.

    Christopher Tarnovsky, a researcher at Flylogic Engineering, said he has hacked an Infineon SLE 66 CL PC processor that is also used with Trusted Platform Module (TPM) chips. He emphasized that his research shows TPM, which was developed as an industry specification for hardware-based computer security by the Trusted Computing Group and has been implemented in hardware by Infineon and other manufacturers, is not as secure as presumed. TPM can be used for a wide variety of purposes, including storage of encryption keys and is used with Microsoft’s BitLocker encryption technology. […]

    Tarnovsky’s method, as he described it, entailed jumping the wire into the internal circuitry of the Infineon chips to create a bypass into the core. Tarnovsky acknowledged it took him six months to figure out how to effectively penetrate it, which required bypassing circuitry on chips he purchased inexpensively from Chinese manufacturers.

    Tarnovsky’s examination process involved subtle use of hardware-based liquid chemical and gas technologies in a lab setting to probe with specialized needles to build tungsten bridges. “Once I’m physically through the device, I have to eavesdrop on the databus,” he said, adding “I can sit in the databus and listen.” […]

    Speaking with reporters, Tarnovsky said Infineon had claimed the type of exploit he did wasn’t really possible. But the fact that it can be done raises serious questions about security in TPM modules that should be addressed by the industry, he pointed out, adding two other manufacturers make TPM modules and he may be examining their products next. He acknowledged his hardware-hacking methods are probably not easy to duplicate and he doesn’t plan to share them widely.

    Leave a Reply