Archive for the ‘Blog’ Category

Background In the previous blog posts, we detailed a fault injection attack on the Renesas RH850, both with crowbar fault injection and electromagnetic fault injection. In this blog post, we will perform some power analysis in order to gain more information about the ID authentication on the processor. Introduction As stated previously, a side-channel is… » Read More

Background In the previous blog posts, we detailed a fault injection attack on the Renesas RH850 that allowed us to bypass one of its security features: the serial programming prohibition. In this blog post, we will go over how we improved the fault injection attack. Electromagnetic Fault Injection When it comes to voltage glitching, especially… » Read More

Continuing our 7-part series on attacking the Renesas RH850. Work conducted by Ibrahima Keita. Background As stated in the previous blog posts, one of the ultimate goals of this project was to bypass the serial programming and ID authentication checks on an RH850. Since we were able to fault the RH850 with our test cases… » Read More

Background In the previous blog post, we looked into the possibility of fault injecting the RH850. In this blog post, we will try to get familiar with fault injection on the RH850 by trying to glitch a few relatively simple programs. These would allow us to determine how faultable the RH850 is with the equipment… » Read More

Continuing our 7-part series on attacking the Renesas RH850. Work conducted by Ibrahima Keita. Background In the previous blog post, we gave a brief overview of our target, the Renesas RH850, and the various security features. In this blog post, we will go over two techniques we can use to potentially bypass them: fault injection,… » Read More