Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: Atmel "secure" crypto co-processor series microprocessors (AT91SAM7XC) leaking keys, plus bonus DESFire hack
From: Adam Laurie <adam () algroup co uk>
Date: Tue, 12 Feb 2013 10:32:28 +0000

On 11/02/13 09:11, Adam Laurie wrote:
The Atmel AT91SAM7XC series of microprocessors contain a crypto
co-processor which is DES and AES capable. They include a write-only
memory for key storage and multiple physical security measures to
prevent decapping etc.

However, due to poor memory management, in certain circumstances it is
possible to recover the crypto keys from a live system via the standard
JTAG programming interface. These circumstances are made more likely to
exist in the wild by the fact that the example software provided by
Atmel is itself vulnerable.

It has been pointed out that in fact the example code is not vulnerable due to a subtlety in variable declaration. I have amended the post to take this into account, and apologise for the mis-information. However, the point about lack of clarity on this issue still stands, and, as we've seen, the potential for error still exists.


Full story here:


http://oamajormal.blogspot.co.uk/2013/02/atmel-sam7xc-crypto-co-processor-key.html

cheers,
Adam
--
Adam Laurie                         Tel: +44 (0) 20 7993 2690
Suite 117                           Fax: +44 (0) 20 7691 7776
61 Victoria Road
Surbiton
Surrey                              mailto:adam () algroup co uk
KT6 4JX                             http://rfidiot.org


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault