
Attacking Secure-Element-Hardened MCUboot Using a Low-Cost Fault Injection Toolkit

Conference paper. In: Innovative Security Solutions for Information Technology and Communications (SecITC 2023)

Abstract

The bootloader is a critical part of a device’s secure startup, and its interactions with firmware images require cryptographic operations. Instead of storing keys for authentication and encryption in the bootloader, one can harden the system by offloading the key storage and all cryptographic operations to a secure element. This paper analyzes the susceptibility of MCUboot used in conjunction with a secure element to voltage fault injection during firmware image verification. We designed and built a low-cost voltage fault injection tool using a Cortex-M7 MCU and an analog switch, which can achieve a timing resolution of 6.67 ns. We found vulnerable instructions in the glue code between the bootloader and the secure element library. By targeting these vulnerable instructions, we showed how an attacker could bypass a signature verification performed by a secure element by faulting a Nordic nRF52840 host MCU. While secure elements are still suited for securely storing keys and other sensitive data, a holistic approach is required to secure a device against fault injection. Otherwise, the threat of fault injection could diminish the benefits of secure bootloaders and secure elements.
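As an added illustration (not code from the paper, which the page does not reproduce), here is a hypothetical host-side glue routine of the kind the abstract describes, with the fragile single status check beside a hardened form. `se_verify_signature` is a constructed stand-in for the secure element library and `g_sim_glitch_zero_status` a constructed fault model; neither is MCUboot or vendor code.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Status codes with many differing bits; 0x0 and 0xFFFFFFFF (typical values of a
 * glitched register) are never valid, so a cleared return value cannot pass. */
#define SE_VERIFY_OK   0x5A3CA5C3u
#define SE_VERIFY_FAIL 0xA5C35A3Cu   /* bitwise complement of SE_VERIFY_OK */
#define IMG_ACCEPT     0x3C5AC35Au
#define IMG_REJECT     0xC3A53CA5u

/* Constructed stand-in for the secure element library: the signature is "valid"
 * iff it equals these bytes. A real SE would verify the image hash with its key. */
static const uint8_t k_good_sig[4] = {0xDE, 0xAD, 0xBE, 0xEF};

/* Constructed fault model: when set, the status returned to the host is zeroed,
 * like a register cleared by a voltage glitch on the instruction that loads it. */
int g_sim_glitch_zero_status = 0;

static uint32_t se_verify_signature(const uint8_t *sig, size_t len) {
    uint32_t status = SE_VERIFY_FAIL;
    if (len == sizeof(k_good_sig) && memcmp(sig, k_good_sig, len) == 0)
        status = SE_VERIFY_OK;
    if (g_sim_glitch_zero_status)
        status = 0u;
    return status;
}
/* Naive glue: treats anything other than the explicit failure code as success,
 * so one corrupted status word is enough to boot an unsigned image. */
bool glue_verify_naive(const uint8_t *sig, size_t len) {
    return se_verify_signature(sig, len) != SE_VERIFY_FAIL;
}

/* Hardened glue: require the exact success constant, ask the SE twice so a single
 * transient fault cannot satisfy both checks, and fail closed on any disagreement. */
uint32_t glue_verify_hardened(const uint8_t *sig, size_t len) {
    volatile uint32_t rc1 = SE_VERIFY_FAIL;
    volatile uint32_t rc2 = SE_VERIFY_FAIL;
    rc1 = se_verify_signature(sig, len);
    if (rc1 != SE_VERIFY_OK)
        return IMG_REJECT;
    rc2 = se_verify_signature(sig, len);          /* redundant second query */
    if (rc2 != SE_VERIFY_OK)
        return IMG_REJECT;
    if ((rc1 ^ rc2) != 0u || (rc1 ^ SE_VERIFY_FAIL) != 0xFFFFFFFFu)
        return IMG_REJECT;                        /* both results must agree */
    return IMG_ACCEPT;
}
```

The simulated fault zeroes the status on every call, so it models the weak "not equal to failure" check rather than a single-cycle glitch; the duplicated query is there for the transient case that the simulation does not reproduce.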



Corresponding author

Correspondence to Simon Künzli.

Copyright information

© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG

Cite this paper

Noseda, M., Künzli, S. (2024). Attacking Secure-Element-Hardened MCUboot Using a Low-Cost Fault Injection Toolkit. In: Manulis, M., Maimuţ, D., Teşeleanu, G. (eds) Innovative Security Solutions for Information Technology and Communications. SecITC 2023. Lecture Notes in Computer Science, vol 14534. Springer, Cham. https://doi.org/10.1007/978-3-031-52947-4_10

  • DOI: https://doi.org/10.1007/978-3-031-52947-4_10

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-52946-7

  • Online ISBN: 978-3-031-52947-4
