Instructor and Researcher at SecuringHardware.com
Hardware Root of Mistrust
Maybe software hardening has been wildly successful or just deemed a lost cause, because adoption of hardware-based security devices has picked up in recent years, securing everything from FDE keys to code commits to social networking and video games.While we've isolated these 'trusted' hardware components so that they might be more secure and reliable, I'll present several scenarios where we can easily MITM, modify, or counterfeit trusted hardware, undermining the intended security assumptions made by their designers and users. I'll cover technical details about our modifications and counterfeit designs, and explore a few attack scenarios for each. I'll wrap up with some details about how this should influence our threat modeling when it comes to hardware devices.
Joseph is an Instructor and Researcher at SecuringHardware.com. Joe has spent over a decade working on low-level silicon debug, security validation, and penetration testing of CPUS, SOCs, and microcontrollers. He has spend the past 5 years developing and leading hardware security related training, instructing hundreds of security researchers, pen testers, hardware validators worldwide. When not teaching Applied Physical Attacks on x86 Systems, Joe is busy developing new course content or working on contributions to the NSA Playset and other misdirected hardware projects, which he regularly presents at all sorts of fun conferences.