Rafael Boix Carpi (Riscure)

11 October 2018
14:00 - 14:30
Van der Valk Eindhoven

Rafael Boix Carpi (Riscure)

Physical attacks on IoT devices with dirt-cheap equipment

The common assumption is that physical attacks are impossible to conduct by an entry-level hacker. This talk will challenge this belief by showing that with only open-source tooling and dirt-cheap equipment, it is possible to successfully attack such devices. I will show how to build a general-purpose toolkit to extract an AES key with side-channel analysis and bypass a security check with fault injection on a real IoT device used in a hardware capture the flag.