[HN Gopher] Automatic Extraction of Secrets from the Transistor ...

Automatic Extraction of Secrets from the Transistor Jungle Using Laser-Assisted [pdf]
Author : todsacerdoti
Score  : 32 points
Date   : 2021-09-01 05:02 UTC (4 hours ago)

web link (www.usenix.org)

| progbits wrote:
| Impressive results.
|
| Can anyone think of negative consequences for end-users? I
| imagine this is not really a practical attack vector on your
| YubiKey's 2FA keys or TPM disk encryption keys.
|
| All the applications I can think of are unwanted just for DRM and
| other compute-freedom restrictions, which I see as a win. (See
| sibling comment from no_time).
|
| Maybe one edge case would be things like SGX? IIUC being able to
| extract the secret keys would allow one to write an emulator that
| can run arbitrary code and pass remote attestation, while still
| being able to inspect (and modify) the code and data. This is
| something which feels at least somewhat useful and not
| fundamentally user-hostile. But my understanding is that the
| security model there might be broken regardless.

| baybal2 wrote:
| There are already services to do "firmware recovery" from
| individual credit cards in China.
|
| Those guys allegedly have access to TEM labs. TEM is a much
| more impressive and expensive piece of hardware than this.
|
| Usually there are just a dozen TEM labs per industrialised
| country.

| _nhynes wrote:
| > One might argue that it is not always true that the adversary
| > can program different keys into the NVM on a training device,
| > for instance, when one-time programmable (OTP) memories like
| > e-fuses or ROMs are used. We admit that such keys cannot be
| > extracted using our approach.
|
| The SGX remote attestation key is burnt into the chip during
| manufacture and isn't programmable.

| no_time wrote:
| Extracting a single SGX private key is less desirable but
| nonetheless practical even if the hardware gets destroyed in
| the process. You could load the extracted key into an
| emulator and do your computing that way. It just does not
| scale, unfortunately.
|
| Decrypting the firmware of ME or AMD PSP this way could
| totally work though.

| IshKebab wrote:
| Hardware roots of trust are used for secure boot and device
| encryption. There are definitely downsides to secure boot
| systems, but for the average user it just means better security.
| I don't think there are any real downsides to device
| encryption.

| qualudeheart wrote:
| Uh oh.

| no_time wrote:
| Very nice job. Imagine an alternative universe without the DMCA
| where we could crowdfund the secret extraction of these
| processors to increase user freedom.

| mateo1 wrote:
| I don't think there's going to be a consumer application of
| this anytime soon. However, this seems practical enough for big
| organizations to break things like TPM, clone
| credit/debit/SIM/NFC cards and do cybersecurity research.

(page generated 2021-09-01 10:00 UTC)