At the Black Hat Asia conference in Singapore, Dr. Sandro Pinto and Cristiano Rodrigues presented their research that introduced a groundbreaking technique that exploits the shared pipeline on the newest Cortex-M CPUs to place a time based, side-channel attack from an application running in non-secure domain to security code running in secure mode. The researchers named this attack “BUSted”. This is sudden and difficult news hitting the new generations of ARMv8 microcontrollers. The attack was demonstrated live using a Cortex-M33 microcontroller as target.
Due to the nature of the attack, targeting specific micro-architectural design issues, this disclosure has already been compared to “Spectre” and “Meltdown”, well known attacks that have affected more sophisticated architectures in the recent past. All the embedded projects that were counting on hardware-assisted privilege separation through TrustZone-M should now take into account the possibility of leaking information from the trusted components running in the secure world.
According to the researchers, software based countermeasures and mitigations are possible to counter the effects of this micro-architectural design fault. The most important aspect to take into account when dealing with time-based attacks is to avoid as much as possible secret-dependent code in the implementation of security operations. In other words, the time required for a security procedure to run must not depend on the success of the operation or on any secret involved in the operation.
Tune in to this webinar to learn more about the attack from the researchers themselves as well as from cybersecurity experts how wolfSSL has been proactive and already studying the necessary workarounds for our users and customers.
Time Stamp:
00:00 Introduction
02:46 BUSted
05:45 Hidden Threat
10:37 Hardware Gadgets
18:20 BUSted POC
21:06 wolfCrypt
28:25 wolfBoot
39:36 Talk With Us
42:15 Questions
