Chaos Communication Congress, Season 36, Episode 60

TrustZone-M(eh): Breaking ARMv8-M's security

Hardware attacks on the latest generation of ARM Cortex-M processors.

Most modern embedded devices have something to protect: Whether it's cryptographic keys for your bitcoins, the password to your WiFi, or the integrity of the engine-control unit code for your car. To protect these devices, vendors often utilise the latest processors with the newest security features: From read-out protections, crypto storage, secure-boot up to TrustZone-M on the latest ARM processors. In this talk, we break these features: We show how it is possible to bypass the security features of modern IoT/embedded processors using fault-injection attacks, including breaking TrustZone-M on the new ARMv8-M processors. We are also releasing and open-sourcing our entire soft- and hardware toolchain for doing so, making it possible to integrate fault-injection testing into the secure development lifecycle.

English
  • Originally Aired December 28, 2019
  • Runtime 60 minutes
  • Production Code 10859
Name Type Role
Thomas Roth Creator