Hi all.
I recently took my first stab at using a ChipWhisperer-Lite. After running through most of the tutorials and getting some positive results, I am looking to expand my knowledge and target a development board I have lying around. I have set the RDP to level 1, and I am hoping to bypass that level of security to extract the firmware (as already seen in some of the tutorials).
The target board I am using is in the same family as the board used in this voltage glitching demo.
My questions are likely a bit elementary or misinformed, but I am just hoping for some sanity checks as this is all entirely new to me.
The demo uses a CW-Pro. Is there any reason I could not recreate this experiment on a CW-Lite? I have read some forums that discuss the differences in UART or USART capabilities (I think), but I am not sure how that translates to my goals.
I am struggling to grasp the documentation regarding the 20-pin connector. The demo linked above seems to have just two jumper cables coming out of the 20 pin header. What might these signals be (maybe TIO4?), and why are so many omitted?
The demo also features a coaxial SMA jack connected to the new target board. I am assuming this is connected to the node I am targeting for my glitch, but could anyone elaborate on or correct this assumption? Since the provided CW target board came with SMA jacks for both the glitch and the measurements, I did not have to give it much of any thought during the tutorials (to my knowledge).
Rather than manually clicking through a few notebooks to evaluate the glitch parameters then perform the glitch itself, is there anything stopping me from pulling the python code into one larger file/directory and adding a bit of automation? I am entirely sure if there is code running behind the scenes to piece the individual blocks together. Are there any downsides or lost features I should be aware of with this approach?
Thanks for your insight and your time. These questions will probably lead to more questions.
Welcome!
The problem with that blog post is that while it has a lot of information and details, it’s also missing quite a few details - like the target board setup, chipwhisperer connections, and the SECGlitcher class.
It does seem to rely on CW-Pro’s UART triggering capability, which doesn’t exist on CW-lite. That could be challenging to overcome. It’s hard to say more than that because of all the missing information.
Have you looked at our LPC1114 attack? It’s a different target but a similar goal, no missing details, and CW-Pro isn’t needed. And since we developed it, if you run into issues or questions we’ll be better able to help you.
Thanks for the reply. I agree, I wish there was more information provided.
I have seen the LPC1114 attack, but I did not follow up with it because I do not have a similar device on standby. If I am able to get my hands on one, I will likely follow this tutorial. I wonder if I could utilize some of the information in that guide and come up with an approach for an STM32 attack. I know how to manipulate the notebooks, and I have a fairly good idea as to what decoupling capacitors have to be removed. I think the only things that I would be uncertain about would be cutting traces on an entirely different board, otherwise it seems like I could ‘replicate’ it in a similar but different fashion. If it would succeed would be another question entirely, but I don’t think that would deter me because it could still be an opportunity to come up with a python script (I think?) to automate some of the items.
I know how delicate these experiments can be, so I might be underestimating the overall complexity. However, based on the tutorials, the notebooks were fairly ‘plug-and-play’ as long as I accounted for switching the notebook the correct target. I imagine there are some parallels across targets.
What are some tips for finding these hardware modifications? For example, the LPC1114 attack says to:
- Cut the traces on 3.3V_CORE and 3.3V_IO_E.
- Add a 12-ohm resistor on the 3.3V_CORE jumper.
When I started to look for decoupling capacitors to remove, I went to the datasheet and tried to find diagrams that display the power rail to identify possible nodes that are not connected to dedicated voltage regulators. Are the modifications listed found with a similar approach? Is there something in the datasheet/user manual that leads you to these conclusions? How did you know which traces to cut?
Thanks again for the information. It has been a joy to learn about this topic and approach some difficult challenges.
The target modifications are explained a bit more on Dmitry’s blog (which our notebook is based on).
1 Like
Based on what I have read both in the tutorial and on Dmitry’s blog, I have one primary point of confusion. First, cutting the 3.3V pads and applying the 12 Ohm resistor and the wire from the glitch SMA connector, I think that all makes sense. The resistor adds impedance, providing an improvement similar to removing the decoupling capacitors. To my knowledge, the glitch acts as an open drain between VCC and GND that gets triggered for different amounts of time based on the parameters featured in the demo. My question is, what is powering the chip since the VCC lines were cut? The demo images do not seem to show a USB cable attached, so is the 3.3V connection from UEXT to the CW-Lite powering the chip so we can read the firmware and get successful responses? Am I misunderstanding something?
Also, a follow up that came to me. Does it make a difference if a target chip has a RST pin or an nRST pin from the CW-Lite’s perspective? Active-low vs Active-high? I need to do some research into what this means on my own, maybe it is not complicated. Figured I would add it to this post while I had the chance though. (**Editing this post later in the day, it looks like I can just flip the pulse sent to the RST pin in the example code from the LPC attack in the notebook. I could be mistaken on this though.)
As always, thanks for your time and assistance.
Sorry, I meant to reply earlier:
Correct, the target is powered by the ChipWhisperer’s 3.3V line.
Yes, that’s right.