Friday, May 16, 2008

Speaking at Black Hat USA 2008

I'll be speaking at BlackHat USA 2008 in Vegas this August. My abstract follows:

The Texas Instruments MSP430 low-power microcontroller is used in many medical, industrial, and consumer devices. It may be programmed by JTAG, Spy-Bi-Wire, or a serial BootStrap Loader (BSL) which resides in masked ROM.

By design, JTAG may be disabled by blowing a fuse. The BSL may be disabled by setting a value in flash memory. When enabled, the BSL is protected by a 32-byte password. If these access controls are circumvented, a device's firmware may be extracted or replaced.

After a thorough introduction, this talk will discuss in excruciating detail the results of an effort to reverse engineer the BSL code. Once the BSL's function has been covered, a timing attack will be discussed which might be used to guess the password without brute force under certain conditions.


Cheers,
Travis Goodspeed
<travis at utk.edu>

3 comments:

rob said...

Hi Travis,

This sounds like a really interesting talk. Unfortunately I won't be able to attend. Will there be a video/audio recording of it for me to listen to after the event?

Cheers,

Rob S.

Travis Goodspeed said...

You'll find Black Hat's archives here

As they don't post video or audio until nearly a year after the event, you'll have to settle for the slides and a white paper.

Cheers,
--Travis

Travis Goodspeed said...

My timeslot runs from 13h45 to 15h00 on Day Two of the conference in Palace 1 as part of the Hardware track. Following my talk will be presentations by Karsten Nohl and Christopher Tarnovsky.

Cheers,
--Travis