Episode 3 – Laser Fault Attacks
In this episode, we’re tackling a highly sophisticated exploit: laser attacks. So take five, join our cybersecurity experts, and Enter the Donjon.
Today, we are going to show you another hardware attack technique. Today in the Donjon, we will introduce you to laser attacks: attacks carried out with a laser. We are going to carry out the laser attack on the chip of a hardware wallet which stores the seed, the secret that we wish to recover. The main principle of a laser attack is to illuminate the transistors while the circuit is operating, because transistors are sensitive to light. They’re photosensitive. By illuminating them, we can change their behavior. We can make the circuit give us access to data that is normally blocked. With a hardware wallet, this allows access to the seed of a user and therefore to their funds. Laser attacks are really advanced attacks. They require very expensive equipment and also a lot of experience. Laser attacks are rarely our first choice. We use them when other attacks have failed. They involve research that can be very intensive. A laser attack is a fairly invasive attack that requires preparation.
First, we need to extract the circuit that we want to attack from the wallet. For that, we start by dismantling it to recover the secure element. This is the component that ensures the product’s security. Once we have extracted the secure element from the wallet, we strip it: we remove the plastic package, because the laser cannot pass through it and the transistors are only reachable once it is gone. Once we have thinned this component and prepared it, we solder it onto a test board so we can communicate with it. Once we have soldered the component onto the daughterboard, we connect it to the test board to test the chip and attack it. We ask the component for access to the seed of the device. Since we did not enter a PIN code, we get an error. Access is denied.
We are going to try to inject faults with the laser to circumvent this protection, so that the circuit agrees to send us the secret content. We then measure the electrical activity of the component. For this, I connect it to the oscilloscope to know when interesting things are happening and to identify an adequate firing window for the laser. We try to identify certain patterns. Looking at the power consumption of the circuit, we found a repeating pattern that matches the reading of the secret from memory, so, logically, the permission check happens just before it, and this is the window of opportunity where we try to alter the chip to unlock access. Now, we know roughly when to shoot. Then we have to know where to shoot. We are going to conduct tests to find the right transistor to attack. For this, we use a microscope with a magnification of 1,000. The electronic chip is really microscopic. What we observe here is the chip under the microscope, and we are able to define search areas, with the goal of finding the vulnerable transistor that allows us to gain access.
For that, we are going to start shooting the laser in a somewhat exploratory way. We aim at different areas on the chip until we get an unexpected behavior. Everything is set. The circuit is on, the microscope is ready, the laser is armed. We can start shooting. The small white flash that we see on the screen is the laser beam that is attacking the component. Each red dot tells us that the attacked transistor is not vulnerable. We track down the vulnerable transistor that will allow us to unlock the chip, and this will be manifested by the appearance of a green dot. This time, a green dot has appeared, which means that the attack worked on this transistor. We were able to recover the seed that is displayed here. Now, the wallet is completely unlocked. We have access to the user’s funds. After the Donjon successfully hacked this hardware wallet, the Donjon Masters reported the vulnerability to the manufacturer. This flaw has since been fixed. This exploit has never affected a Ledger hardware wallet.
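The permission check described above is the kind of logic a single laser-induced fault can upset. The following added example (not the episode's or any vendor's code) models that check with a constructed single-bit-flip fault campaign and shows why firmware should store security state as Hamming-distant constants rather than a 0/1 flag; the magic values and function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed model of a secure element's "may read seed" check, added to
 * illustrate a single-bit upset in the authentication state. Hypothetical
 * values; not the real chip's code. */
#define AUTH_OK_MAGIC  0x5AU   /* 01011010: "PIN verified" */
#define AUTH_NO_MAGIC  0xA5U   /* 10100101: "PIN not verified", distance 8 */

/* Naive check: any nonzero state means "PIN verified". Flipping one bit of
 * a zero state is enough to grant access. */
static int naive_may_read_seed(uint8_t auth_state) {
    return auth_state != 0;
}

/* Hardened check: "verified" is a Hamming-distant constant, mirrored in an
 * inverted shadow copy and compared twice, so one flipped bit cannot turn
 * "denied" into "granted". */
static int hardened_may_read_seed(uint8_t auth_state, uint8_t auth_state_inv) {
    if (auth_state != AUTH_OK_MAGIC) return 0;
    if ((uint8_t)~auth_state_inv != AUTH_OK_MAGIC) return 0; /* shadow copy */
    if (auth_state != AUTH_OK_MAGIC) return 0;               /* re-check */
    return 1;
}

/* Fault campaign: start from "PIN not entered", flip every single bit of the
 * state, and count how many faults bypass the naive check (8 of 8). */
int count_naive_bypasses(void) {
    int hits = 0;
    for (int bit = 0; bit < 8; bit++)
        if (naive_may_read_seed((uint8_t)(0x00u ^ (1u << bit)))) hits++;
    return hits;
}

/* Same campaign over both bytes of the hardened state (0 of 16). */
int count_hardened_bypasses(void) {
    int hits = 0;
    uint8_t s = AUTH_NO_MAGIC, s_inv = (uint8_t)~AUTH_NO_MAGIC;
    for (int bit = 0; bit < 16; bit++) {
        uint8_t fs = s, fs_inv = s_inv;
        if (bit < 8) fs ^= (uint8_t)(1u << bit);
        else fs_inv ^= (uint8_t)(1u << (bit - 8));
        if (hardened_may_read_seed(fs, fs_inv)) hits++;
    }
    return hits;
}

int main(void) {
    printf("naive bypasses: %d/8, hardened bypasses: %d/16\n",
           count_naive_bypasses(), count_hardened_bypasses());
    return 0;
}
```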