Clock, power, and EM glitching discussions. Does not need to use ChipWhisperer.
#1558 by Lechiffre
Thu Aug 31, 2017 2:21 pm
Hello,

I have read the VCC glitching tutorial and have some questions that might sound very stupid.

My understanding from the VCC glitching tutorial was that the glitch should be generated synchronously with the target clock. In the Raspberry PIe example CLKGEN is set to 120 MHZ. I expected that the CLKGEN should be set to the frequency of the Raspberry Pie core. Could you please tell me where 120MHZ is coming from?

Shouldn't we use the Raspberry's clock as an input to the Chipwhisperer to be synchronous or clock the raspberry Pie from the Chipwhisperer?

If I want to provide the clock to the Raspberry pie from Chipwhisperer, should the CLKGEN frequency be the same as the XTAL on the board? Should I connect Target HS IO Out in place of the XTAL on the board?

Thanks,

Lechiffre
#1561 by ExMachina
Fri Sep 01, 2017 1:53 am
Hi,

My understanding is that VCC glitching is easier with regards to timing and that (normally) the impact of a VCC glitch
affects many cpu cycles. Being able to put the glitch at a precise moment compared to the target clock will of course help getting it reliable but It also should be possible to glitch for a longer (longer than a cycle) .Way the Firmware is currently designed currently make the VCC glitch work like the clock glitches.

In other words. I think it should be possible to VCC glitch a target with a way higher frequency as Colin also did on an Android phone.

The gliching part itself also does not been to be very complicated. For example have a look at Hardware Power Glitch Attack - rhme2 Fiesta (FI 100) from Liveroverflow.
#1570 by Lechiffre
Wed Sep 06, 2017 12:44 am
Hi,

Thank you very much for your reply.
I have got my connection to my target board set up but have no luck with the glitch module.
I am running the sample program on the target and expect the counter values to vary due to the glitch.
When I set the "Glitch Trigger" to continuous the board crashes which is what I expected from it.
However when I set the Glitch Trigger to manual and the highest number of "Repeat" allowed (255), it has no effect at all.
Since continuous glitch crashed the board, I expected at least to get the same effect in manual mode with the right amount of repeat.

Could you please tell me what I am missing?

Thanks,
#1599 by keesj
Tue Sep 19, 2017 1:26 pm
Could you please tell me what I am missing?


If you look at the Glitching tutorial you see that there are quite a few steps needed to properly configure the clocks. If those are not well configured setting the glitch to continuous would work but the manual possibly not.

Why don't you measure the voltage to see what is happening?

Who is online

Users browsing this forum: No registered users and 1 guest