I executed the tutorials on ChipWhisperer Lite about clock/VCC glitching, but now I would like to test on a real-life scenario. I’m working on the JN5169 (datasheet) chipset and I would like to bypass the standard programming protection.
The chipset is connected via XTAL_IN and XTAL_OUT to a 32 MHz crystal used as the reference oscillator.
I’m pretty much a n00b in electronics, but I would like to understand the right path to get the attack working.
Do I need to remove the crystal and connect the CW to the clock pins, or do I have to connect the CW in parallel with the crystal (on which pin, XTAL_IN or XTAL_OUT)? I should use the glitch pin of the CW, right?
The tutorials are well documented in the “software” part, but they don’t give a lot of information about the “hardware” part. For example, the tutorial about the LPC1114 doesn’t give any information on why the capacitors are removed. It would be very useful if the hardware part were also covered in the tutorials.
That being said, I’d really recommend trying voltage glitching for a few reasons:
- Issues with glitching an XTAL_IN port as described above
- There’s a clock divider circuit in the chip
- There’s also an internal oscillator, which the chip might be running off of for the boot process
For the LPC1114 glitch, the capacitors are removed to prevent them from filtering out the glitch. Bypass capacitors like the ones we removed are put there to prevent high frequency fluctuations on the power rail, which is exactly what we’re trying to do by voltage glitching the target.