Monday, September 8, 2008

Errata from Black Hat USA 2008

MSP430F1101A control flow diagram

There exist two errata, one trivial and one substantial, in my Black Hat presentation.

First, Vcc of the 2013 chip in the schematic diagram should be connected to Vcc of the JTAG/SBW connector, not Vext as is shown in the schematic. I had to score and solder those in my prototype, but I forgot to update the slides. (The new unit uses the MSP430F2274, regardless.)

Second, and much more substantially, memory is erased by default on reception of an incorrect password unless BSLKEY is set to 0x0000 on BSL version 2.0+. See page 11 of SLAA089D for details. You will find the code responsible at 0xD66 within the password comparison routine of the MSP430FG4618 Rev. G BSL, version 2.12, wherein BSLKEY is located at 0xFFBE. This makes these devices invulnerable by default, unless protection is explicitly disabled by the programmer.

The MSP430F1101A and other chips using BSL versions beneath 1.60 are vulnerable by default.

The next revision of my board will incorporate power glitching attacks, which might potentially prevent the 4618 from erasing its memory on a bad password or allow entry into a disabled BSL.

--Travis Goodspeed

No comments: