Speaker Name: Raphael RIGO and Joffrey CZARNY
Title: Attacking hardware for software reversers: Analysis of an encrypted HDD
The idea of this presentation is to debunk the myth that analyzing the security of hardware is difficult. From the perspective of a software reverse engineer, we present the process of studying a hardware-encrypted, PIN secured, external hard drive: the Zalman VE-400.
The whole methodology will be explained, it starts with basic analysis of drive functionality, followed by a PCB analysis. We then explain how we try to access the code running on the board and proceed to do a black box analysis. With the results, we mount a potential attack, which fails but introduced new research perspective. We finally review our research and conclude.
While the end result of the analysis and attack is not a full success as it was not possible to recover an encrypted drive, it shows that the drive is nevertheless vulnerable by design.