Fast, Furious and Insecure - CHES · 2018-09-18 · Fast, Furious and Insecure Lennert Wouters,...

Preview:

Click to see full reader

Citation preview

Fast, Furious and Insecure

Lennert Wouters, Eduard Marin, TomerAshur, Benedikt Gierlichs and Bart Preneel

Lennert Wouters, Eduard Marin, TomerAshur, Benedikt Gierlichs and Bart Preneel COSIC

an imec research group at KU Leuven

2

The Tesla Model S key fobTI TMS37F128

MSP430

(MCU)

TMS37126

(transponder)

X-ray picture

No firmware readout

protection

SPI

COSIC

an imec research group at

• 40-bit key DST40 cipher [1]

• 40-bit challenge and 24-bit response

3

Findings

[1] Steve Bono, Matthew Green, Adam Stubblefield, Ari Juels, Aviel D. Rubin and Michael Szydlo

In Proceedings of the USENIX Security Symposium (2005), vol. 31, pp. 1–16.

COSIC

an imec research group at

• 40-bit key DST40 cipher [1]

• 40-bit challenge and 24-bit response

• No mutual authentication

3

Findings

[1] Steve Bono, Matthew Green, Adam Stubblefield, Ari Juels, Aviel D. Rubin and Michael Szydlo

In Proceedings of the USENIX Security Symposium (2005), vol. 31, pp. 1–16.

COSIC

an imec research group at

• 40-bit key DST40 cipher [1]

• 40-bit challenge and 24-bit response

• No mutual authentication

• Time-Memory Trade-Off Table

• Key recovery in ~2s on a Raspberry Pi

3

Findings

[1] Steve Bono, Matthew Green, Adam Stubblefield, Ari Juels, Aviel D. Rubin and Michael Szydlo

In Proceedings of the USENIX Security Symposium (2005), vol. 31, pp. 1–16.

COSIC

an imec research group at

4

Proof of Concept attack

COSIC

an imec research group at

5

COSIC

an imec research group at

5

COSIC

an imec research group at

5

COSIC

an imec research group at

• First notified Tesla on 31/08/2017

6

Responsible disclosure

COSIC

an imec research group at

• First notified Tesla on 31/08/2017

• Tesla vehicles produced from June onwards use a new key fob

6

Responsible disclosure

COSIC

an imec research group at

• First notified Tesla on 31/08/2017

• Tesla vehicles produced from June onwards use a new key fob

• OTA update includes a Pin to Drive feature and the ability to disable PKE

6

Responsible disclosure

COSIC

an imec research group at

• First notified Tesla on 31/08/2017

• Tesla vehicles produced from June onwards use a new key fob

• OTA update includes a Pin to Drive feature and the ability to disable PKE

6

Responsible disclosure

COSIC

an imec research group at

7

More information

• esat.kuleuven.be/cosic/cosic-cryptography-blog/

• Poster sessions

• @CosicBe or @LennertWo

• WIRED article

• Live demo?!

COSIC

an imec research group at

COSIC \n an imec research group at KU Leuven8

Recommended

Furious: Estrella caída
Documents
Connecting ESFRIs: Collaboration between Research Infrastructures€¦ · Connecting ESFRIs: Collaboration between Research Infrastructures Lennert Tyberghein, Lennert Schepers, Francisco
Documents
Lennert József – Kovács András Donát – Farkas ... · esély 2014/6 3 Tanulmány Lennert József – Kovács András Donát – Farkas Jenő Zsolt – Bódi Ferenc LakóheLyi
Documents
Expositie IDEPENDENT Cathalijn Wouters
Documents
Voodoo (Julie & Lennert)
Education
A G Wouters
Documents
Fast, Furious and Insecure - CHES · 2019-09-05 · Fast, Furious and Insecure Lennert Wouters, Eduard Marin, Tomer Ashur, Benedikt Gierlichs and Bart Preneel Lennert Wouters, Eduard
Documents
READPAST & Furious: Locking
Technology
Fast & Furious 7
Automotive
MOSKITO - FURIOUS FPV
Documents
Lennert Coutigny 1COM-G multimedia
Documents
Fast and Furious
Documents
Wouters Brood en Patisserie
Documents
Amphibians By: Josh Armstrong and Brandon Lennert
Documents
eTravel - citizenM Hotels - Lennert de Jong
Presentations & Public Speaking
Rik Wouters
Documents
Time's furious passing
Health & Medicine
Fast & furious 6
Documents
Furious combat
Entertainment & Humor
Fast & Furious Spell
Entertainment & Humor