July Newsletter: New Tutorials, New Features, Updated UFO Boards, More ARM

Home > Archive by category "Newsletter"

July Newsletter: New Tutorials, New Features, Updated UFO Boards, More ARM

Read the latest newsletter over on our TinyLetter page. Be sure to subscribe to get these updates yourself.


Welcome to NewAE News – July edition. Unlike most of our previous newsletters we have nothing new to sell you, but lots of new stuff to show off.

New Tutorials – RSA & ARM-Based AES

The most interesting news is there are two new tutorials you can perform! The first one is breaking RSA, or more accurately breaking part of RSA, as the entire algorithm is too slow to run on our XMEGA device. But it’s using a real RSA implementation as a base.

You can check out that tutorial as number B11 on the wiki. As a bonus you can also download a few traces we recorded at https://github.com/newaetech/chipwhisperer-examples/tree/master/tutorials/B11/example_traces in case you want to play through without hardware.

We’ve also added a tutorial breaking an implementation of AES, as commonly performed on 32-bit devices, where you use a special T-Table to speed up the algorithm. That is tutorial A8 on the wiki. Performing this tutorial requires an ARM device (such as our STM32Fx targets), but again we’ve posted some traces at https://github.com/newaetech/chipwhisperer-examples/tree/master/tutorials/A8/example_traces .

As you might have guessed we’re going to be working towards making a larger repository of example traces available, to make it even easier to work through all the tutorials even if you don’t have the required hardware.

New Features

We’ve also released a new version of ChipWhisperer, 3.5.3. Besides the usual small updates, this one also sees a new FPGA bitstream for both the Lite and Pro. This adds a “Trigger Length” feature that can report back how long the trigger was active for, handy for figuring out how long of a capture you need:

This version also finally adds a Windows installer, which installs Python (with all required modules), ChipWhisperer, and an update method based on getting the latest from GIT.

UFO Board Updates

All UFO boards being shipped now have a small update – a reset button! This grounds the nRST net on the UFO board, which can be handy when working through tutorials that require you to reset the device frequently:

More ARM

We’ve also updated all of our starter kits to now include an ARM target. We’ll now be shipping all kits (UFO, Level 1 & 2 Starter Kits, ChipWhisperer Pro) with the XMEGA Target + a STM32F target. We were using STM32F0 initially, but have been able to successful port everything to the STM32F3 which includes a whopping 40K of SRAM, so you can run even more advanced algorithms on this device.

The trust ATMega328P will still be available as an add-on, but based on your feedback we’ve decided to also include an ARM target. Now all of your starter kits will include both an 8-bit and a 32-bit target!

Black Hat, Trainings, CHES, and More!

This is a short newsletter as Colin is busy preparing for Black Hat. If you’ll be around Colin will be there until Thursday evening (27th), so send him a tweet (@colinoflynn) or email us to try and meet up! He’ll be giving a talk on Wednesday morning (10:30am) and showing the ChipWhisperer off at Arsenal on Thursday at 2:30pm.

If you’ll be at DEFCON, the Hacker Warehouse booth will be stocking the ChipWhisperer-Lite too! So you can grab one in person.

We’ll also be at CHES in September, and will have more details of what new hardware we’re showing off in the next newsletter. There should be some fun new tools to explore even more aspects of hardware security.

If you missed the announcement from the last newsletter, we’re also going to be running a training in San Francisco this November 6th & 7th. It’s being run alongside training courses by Dmitry Nedospasov, Joe Fitzpatrick, Joe Grand, and Michael Ossmann. We’ll be running our 2-day training course (same one as at Black Hat USA). You can see details at https://hardwaresecurity.training/ , and contact us for more information (email sales@newae.com ) or buy a seat online at the previous URL.

June Newsletter: Targets, Training, Order Pickup at RECON, Fun Videos

Read the latest newsletter over on our TinyLetter page. Be sure to subscribe to get these updates yourself.


Welcome to NewAE News – June edition. We’re following up with another quick update here, as we have lots of news (and a few time-sensitive pieces) to share.

Targets

To follow up with our previous newsletter, the STM32F1, STM32F3, and STM32F4 targets are now available. The largest STM32F4 target has a whopping 1MByte FLASH and 192KByte SRAM. We’re also adding support to program them via ChipWhisperer – you’ll find this option already in the “develop” branch as a new menu option, but if you’re not in a rush wait for the next software release. For now we recommend using an external programmer.

Trainings

We’re also going to be running a training in San Francisco this November 6th & 7th. It’s being run alongside training courses by Dmitry Nedospasov, Joe Fitzpatrick, and Joe Grand. We’ll be running our 2-day training course (same one as at Black Hat USA). You can see details at https://hardwaresecurity.training/ , and contact us for more information (email sales@newae.com ) or buy a seat online at the previous URL. This training will have limited seating (we’ve only confirmed a room with 10, but are hopefully able to offer up to around 20 seats).

Talks

Are you headed to RECON in Montreal next week? Colin will be headed there to discuss his previous work on hacking smart light bulbs. In addition to his normal hardware demos, we’re offering the chance to pickup any orders placed until June 14th for free at RECON. If you’d like to take advantage of this please email sales@newae.com, as we need to ensure we’ve got your item in stock. We’ll provide you with a special code to remove the shipping cost on our webstore.

After that Colin is headed to ESCAR  on June 21-22nd to provide some demos of hacking automotive systems using ChipWhisperer. These demos will use on our new MPC5748G Target Board, as Colin can demonstrate attacks using CAN communications along with other special features of these devices. Slides for both the RECON and ESCAR talk will be posted afterwards if you can’t make them in person!

And talking about fun demos – don’t miss this walk-through of breaking AES as part of the Riscure CTF challenge that LiveOverflow posted recently on YouTube:

Tutorials

We’ve added another new tutorial recently too – this one looks at the ChipWhisperer-Pro’s features. You can see the Stream Mode & SAD Triggering Tutorial on our wiki.

That’s all for now – thanks for sticking around!

May Newsletter: ChipWhisperer 3.4.1 Released, ARM Targets available, IEEE S&P, BH Training Deadline

Read the latest newsletter over on our TinyLetter page. Be sure to subscribe to get these updates yourself.

 


A new ChipWhisperer release! This adds a lot of interest features we’ll mention quickly, including:

  • Quasi-automatic trace alignment.
  • Example firmware targets for STM32F0/F1/F2/F3/F4.
  • New SimpleSerial protocol (V1.1) with ACKs, simplifies usage with slow implementations.
  • Improved trace plotting allowing you to selectively include traces/waveforms.

 

Quasi-Automatic Trace Alignment

We’ve implemented a form of Dynamic Time Warping (DTW), which was suggested in the Elastic Alignment paper by J. van Woundenberg et al. The implementation is a little different to fit with our capture architecture, but accomplishes the goal of potentially aligning traces that have more than a simple physical shift (the following should be a small GIF showing you the usage):

STM32F Firmware Targets

Our previous newsletter mentioned the STM32F target board for the UFO. We’ve forged ahead and built examples of that for most of the STM32F series devices. You can see a full list of this on the wiki page. We’ll be commercially selling versions of that target too, for now we have the F0 available in the webstore along with the blank PCB.

To go along with this, we’ve released a new version of our SimpleSerial protocol. This protocol now has an ACK in it, which can help the ChipWhisperer know when it shouldn’t send something to a device that is busy processing the last command.

Improved Trace Plotting

For the longest time, you could only plot trace ranges. We now have a new trace plot widget that can plot arbitrary traces, and specify colours of them. For example here we are plotting trace #0-#5 in red with alpha of 0.3, #23 in green, and #35 in blue. This type of plotting is handy when you are looking at traces which might represent different code paths:

In the future we plan on improving this further to allow you to plot averages of groups, add offsets, etc. But for now you can specify both color codes & HTML colors (including transparency), which is very useful for seeing how often certain code paths are taken.

ARM Targets

As mentioned in the ChipWhisperer release notes, there is now a number of ARM targets for the UFO board. They all use the same STM32F PCB, so makes it very easy to target a bunch of different devices. We’ve got the blank PCB in the webstore along with limited quantities of the STM32F0 target board. The F1/F2/F3/F4 should be available shortly – we haven’t had time to run those boards through assembly yet. If you don’t want to solder let us know & we might be able to speed up a certain variant for you.

87C51 Targets

Do you like going old-school? Another new target is using the 8051 microcontroller. This target was a spin-off of a specific project so differs a little from our usual “cheap & basic” UFO target. But you may still find it interesting, and it comes preprogrammed with demos for AES, glitching, and TEA.

IEEE S&P and Other Conferences

Are you headed to IEEE S&P? Colin will be there in an academic capacity, but if you’re around please be sure to say hello! He’s easiest to track down on May 22nd at 1:45PM in Session #3, but will be around for the entire conference.

Colin will also be heading to RECON (Montreal in June) & ESCAR (Detroit in June). More details on those presentations will be coming.

BH Training Early Registration Deadline

Our training running at Black Hat USA 2017 has an early registration deadline of this Friday. One of the classes is almost sold out too, so if you want to ensure you make it in check the registration details soon. We’ll be (once again) updating our material this year to include some of the new features introduced in ChipWhisperer.

That’s all for now. Thanks again for listening to us blabbing on, hopefully you get a chance to try the new ChipWhisperer software, and look out for a few more new features in our next edition of NewAE News!