I'll be speaking at BlackHat USA 2008 in Vegas this August. My abstract follows:
The Texas Instruments MSP430 low-power microcontroller is used in many medical, industrial, and consumer devices. It may be programmed by JTAG, Spy-Bi-Wire, or a serial BootStrap Loader (BSL) which resides in masked ROM.
By design, JTAG may be disabled by blowing a fuse. The BSL may be disabled by setting a value in flash memory. When enabled, the BSL is protected by a 32-byte password. If these access controls are circumvented, a device's firmware may be extracted or replaced.
After a thorough introduction, this talk will discuss in excruciating detail the results of an effort to reverse engineer the BSL code. Once the BSL's function has been covered, a timing attack will be discussed which might be used to guess the password without brute force under certain conditions.
Cheers,
Travis Goodspeed
<travis at utk.edu>
Subscribe to:
Post Comments (Atom)
4 comments:
Hi Travis,
This sounds like a really interesting talk. Unfortunately I won't be able to attend. Will there be a video/audio recording of it for me to listen to after the event?
Cheers,
Rob S.
You'll find Black Hat's archives here
As they don't post video or audio until nearly a year after the event, you'll have to settle for the slides and a white paper.
Cheers,
--Travis
My timeslot runs from 13h45 to 15h00 on Day Two of the conference in Palace 1 as part of the Hardware track. Following my talk will be presentations by Karsten Nohl and Christopher Tarnovsky.
Cheers,
--Travis
We often offer special discounts and coupons for Bobwards Coupon Code. Check back often to see what's available!
Post a Comment