Password storage on a BluePill

ddrown
Posts: 149
Joined: Sat Jan 09, 2016 4:49 am

Re: Password storage on a BluePill

Post by ddrown » Mon Dec 04, 2017 2:32 am

RogerClark wrote:
Mon Dec 04, 2017 2:18 am
@ddrown

I like the idea of the passphrase made of a fixed set of words, but 4000 words is going to take a lot of flash.
Yeah, around 35kb. I could possibly lower that (12kb?) if I stored it as a tree structure.
RogerClark wrote:
Mon Dec 04, 2017 2:18 am
Re: Cost of GPU rigs to brute for etc

Ultimately everything is hackable, with enough budget the top can be etched off the MCU and the flash read back via direct connections, I've heard there are companies in some countries who will do this for you if you have enough money

But I'd be more concerned with a buffer overflow code injection being possible which could potentially dump the flash.
Glitching (via power/clocks/etc) is another way to possibly dump the flash.

RogerClark
Posts: 7538
Joined: Mon Apr 27, 2015 10:36 am
Location: Melbourne, Australia

Re: Password storage on a BluePill

Post by RogerClark » Mon Dec 04, 2017 2:57 am

Yep.

There are loads of ways to potentially get the MCU to misbehave.

BTW. I found this doc

http://www.emcu.it/SILICA-STDay-2016/X/ ... ements.pdf

But, I'm not sure why the F1 often has an asterisk against it

ddrown
Posts: 149
Joined: Sat Jan 09, 2016 4:49 am

Re: Password storage on a BluePill

Post by ddrown » Mon Dec 04, 2017 3:48 am

ddrown wrote:
Mon Dec 04, 2017 2:32 am
RogerClark wrote:
Mon Dec 04, 2017 2:18 am
@ddrown

I like the idea of the passphrase made of a fixed set of words, but 4000 words is going to take a lot of flash.
Yeah, around 35kb. I could possibly lower that (12kb?) if I stored it as a tree structure.
Combining https://en.wikipedia.org/wiki/Incremental_encoding and a 127-element dictionary for the suffixes, I get:


wordlist.o  :
section            size   addr
.text                 0      0
.data                 0      0
.bss                  0      0
.rodata           18856      0
.comment             45      0
.note.GNU-stack       0      0
Total             18901
I'm using chars in a way that would break Unicode to save some space, so this specific code would really only work for an English wordlist.
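Here is an added example, not ddrown's code, of the front-coding (incremental encoding) plus suffix-dictionary scheme described above, written in C so it builds with the same kind of toolchain that produced the size listing. The 24-word sample list, the seven-entry suffix dictionary and the byte layout (shared-prefix length, remainder bytes, then a terminator of 0x00 or 0x80|index) are all assumptions made for this demonstration; the real list would be around 4000 words with up to 127 suffixes. Using the high bit of a byte as the suffix flag is exactly the trick that restricts the format to 7-bit ASCII.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample wordlist (sorted, plain ASCII); a real list has ~4000 words. */
static const char *WORDS[] = {
    "abandon", "ability", "able", "about", "above", "absent", "absorb", "abstract",
    "absurd", "abuse", "access", "accident", "account", "accuse", "achieve", "acid",
    "acoustic", "acquire", "across", "act", "action", "actor", "actress", "actual",
};
#define NWORDS (sizeof WORDS / sizeof WORDS[0])

/* Constructed suffix dictionary; an index must fit in 7 bits, so at most 127 entries. */
static const char *SUFFIX[] = { "ion", "ess", "ent", "ual", "ive", "ic", "ss" };
#define NSUFFIX (sizeof SUFFIX / sizeof SUFFIX[0])

/* Entry layout: [length of prefix shared with previous word][remainder bytes][terminator]
 * where the terminator is 0x00 (no suffix) or 0x80|index (append SUFFIX[index]). */

static size_t common_prefix(const char *a, const char *b) {
    size_t n = 0;
    while (a[n] && a[n] == b[n]) n++;
    return n > 255 ? 255 : n;
}

/* Longest dictionary suffix that ends s, or -1 if none applies. */
static int find_suffix(const char *s) {
    size_t n = strlen(s), best_len = 0;
    int best = -1;
    for (size_t i = 0; i < NSUFFIX; i++) {
        size_t m = strlen(SUFFIX[i]);
        if (m <= n && m > best_len && strcmp(s + n - m, SUFFIX[i]) == 0) { best = (int)i; best_len = m; }
    }
    return best;
}

/* Front-code WORDS into out; returns bytes written, or 0 if cap is too small. */
static size_t encode_wordlist(uint8_t *out, size_t cap) {
    size_t pos = 0;
    const char *prev = "";
    for (size_t i = 0; i < NWORDS; i++) {
        size_t p = common_prefix(prev, WORDS[i]);
        const char *rem = WORDS[i] + p;
        int sfx = find_suffix(rem);
        size_t keep = strlen(rem) - (sfx >= 0 ? strlen(SUFFIX[sfx]) : 0);
        if (pos + 2 + keep > cap) return 0;
        out[pos++] = (uint8_t)p;
        memcpy(out + pos, rem, keep);
        pos += keep;
        out[pos++] = sfx >= 0 ? (uint8_t)(0x80 | sfx) : 0x00;
        prev = WORDS[i];
    }
    return pos;
}

/* Walk the table from the start (each entry depends on its predecessor) and copy word
 * number index into out. Returns 0 on success, -1 on malformed data or a bad index. */
static int decode_word(const uint8_t *buf, size_t len, size_t index, char *out, size_t outcap) {
    char cur[64] = "";
    size_t pos = 0;
    for (size_t i = 0; pos < len; i++) {
        size_t w = buf[pos++];
        if (w > strlen(cur)) return -1;            /* prefix longer than previous word */
        while (pos < len && buf[pos] != 0 && buf[pos] < 0x80) {
            if (w + 1 >= sizeof cur) return -1;
            cur[w++] = (char)buf[pos++];
        }
        if (pos >= len) return -1;                 /* terminator missing */
        uint8_t t = buf[pos++];
        if (t & 0x80) {                            /* dictionary suffix; bad index -> too long */
            size_t m = (t & 0x7f) < NSUFFIX ? strlen(SUFFIX[t & 0x7f]) : sizeof cur;
            if (w + m >= sizeof cur) return -1;
            memcpy(cur + w, SUFFIX[t & 0x7f], m);
            w += m;
        }
        cur[w] = '\0';
        if (i == index && w < outcap) { memcpy(out, cur, w + 1); return 0; }
        if (i == index) return -1;
    }
    return -1;
}

/* Bytes the naive NUL-terminated layout would take, for comparison. */
static size_t raw_size(void) {
    size_t n = 0;
    for (size_t i = 0; i < NWORDS; i++) n += strlen(WORDS[i]) + 1;
    return n;
}

/* Encoded size if every word survives an encode/decode round trip, 0 otherwise. */
static size_t roundtrip_size(void) {
    uint8_t buf[512];
    char w[64];
    size_t n = encode_wordlist(buf, sizeof buf);
    for (size_t i = 0; n && i < NWORDS; i++)
        if (decode_word(buf, n, i, w, sizeof w) != 0 || strcmp(w, WORDS[i]) != 0) return 0;
    return n;
}

int main(void) {
    printf("raw %zu bytes, front-coded %zu bytes\n", raw_size(), roundtrip_size());
    return 0;
}
```

On this sample the table shrinks from 169 to 115 bytes, and the saving grows with list size because sorted real wordlists share longer prefixes. The decoder has to walk from the first entry, which is fine for a one-off passphrase lookup on an MCU; a small index of byte offsets every N words would trade a little flash for random access. The bounds checks in decode_word matter on a device whose flash might be tampered with, since a corrupt table must not turn into a buffer overrun.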

RogerClark
Posts: 7538
Joined: Mon Apr 27, 2015 10:36 am
Location: Melbourne, Australia

Re: Password storage on a BluePill

Post by RogerClark » Mon Dec 04, 2017 4:35 am

That's interesting encoding / compression

I agree, Unicode is not required as it doubles the data size (assuming 16 bit)

I don't think accented chars are needed; probably most Latin-style languages could be catered for using ASCII

RogerClark
Posts: 7538
Joined: Mon Apr 27, 2015 10:36 am
Location: Melbourne, Australia

Re: Password storage on a BluePill

Post by RogerClark » Mon Dec 04, 2017 6:16 am

I just had another idea for passkey input

I noticed a post about these gesture detectors , APDS-9960

Sparkfun did a video

https://www.youtube.com/watch?v=A3QRyixnEl8

These really cheap devices seem to have multiple time-of-flight sensors (or something else that can sense distance), and can be used to sense direction of swipe and other gestures

Potentially a passkey could be a sequence of movements that has to be made by your hand over the device.

Of course, if someone was filming or observing you, they may be able to duplicate the gesture, but it's an interesting alternative, and would mean they would have to video you doing the gesture (no pun intended)

zoomx
Posts: 549
Joined: Mon Apr 27, 2015 2:28 pm
Location: Mt.Etna, Italy

Re: Password storage on a BluePill

Post by zoomx » Mon Dec 04, 2017 8:54 am

Gesture detectors are interesting too.
You have to take care of the detecting accuracy otherwise other similar gestures can pass the check.

RogerClark
Posts: 7538
Joined: Mon Apr 27, 2015 10:36 am
Location: Melbourne, Australia

Re: Password storage on a BluePill

Post by RogerClark » Mon Dec 04, 2017 9:58 am

zoomx wrote:
Mon Dec 04, 2017 8:54 am
Gesture detectors are interesting too.
You have to take care of the detecting accuracy otherwise other similar gestures can pass the check.
Yes.

You have to decide on the accuracy.

I have some experience developing a 2D gesture system, but it's fairly simplistic, as it just divides the required gesture into a series of short lines P1 (x1,y1) -> P2 (x2,y2), then calculates the minimum distance from the entered co-ordinate (the mouse position) to the line and checks it's not beyond a threshold. It also checks that the nearest point on the line is always increasing, i.e. they are moving from P1 to P2.

We don't track speed of movement in the gesture as it was not a requirement, i.e. only that the gesture was performed in the correct direction(s)

We also didn't allow for different scale, though we could do this if we processed the whole gesture when it was complete - but as we needed to do realtime checking, it was impractical to try to determine scale on the fly


So... Yes, it's difficult to do it well.
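An added example, not code from Roger's gesture system or from Sparkfun, that implements the real-time check as he describes it, for the kind of hand-swipe passkey suggested earlier in the thread: the template gesture is a polyline of short lines, each incoming point is projected onto the current line, rejected if it is farther than a threshold, and rejected if the nearest point moves backwards along the line. The L-shaped template, the 15-unit threshold, the 80% hand-off point at which the next segment may begin, and the three sample traces are all constructed for the demonstration; scale and speed are deliberately not handled, matching the description above.

```c
#include <stdio.h>

typedef struct { float x, y; } pt;

/* Constructed template: an "L" drawn down then right, as line segments P1->P2->P3. */
static const pt TEMPLATE[] = { {0.0f, 0.0f}, {0.0f, 100.0f}, {100.0f, 100.0f} };
#define NSEG (sizeof TEMPLATE / sizeof TEMPLATE[0] - 1)
#define THRESHOLD 15.0f   /* max distance from the line, in template units (assumed) */
#define HANDOFF   0.8f    /* how far along a segment before the next one may start */

typedef struct { size_t seg; float t; int failed; } gesture;

/* Distance squared from p to segment a->b; *t receives where the nearest point lies (0..1).
 * Squared distances avoid sqrt, which also keeps the check cheap on an MCU. */
static float seg_dist2(pt a, pt b, pt p, float *t) {
    float dx = b.x - a.x, dy = b.y - a.y, len2 = dx * dx + dy * dy;
    float u = ((p.x - a.x) * dx + (p.y - a.y) * dy) / len2;
    if (u < 0.0f) u = 0.0f; else if (u > 1.0f) u = 1.0f;
    float nx = a.x + u * dx - p.x, ny = a.y + u * dy - p.y;
    *t = u;
    return nx * nx + ny * ny;
}

static void gesture_reset(gesture *g) { g->seg = 0; g->t = 0.0f; g->failed = 0; }

/* Feed one sample in real time. Returns 0 while the gesture is still valid, -1 once rejected.
 * A sample passes if it stays within THRESHOLD of the current line and its nearest point
 * has not moved backwards, or if it has moved on to the next line near the end of this one. */
static int gesture_feed(gesture *g, pt p) {
    float t, d2;
    if (g->failed) return -1;
    d2 = seg_dist2(TEMPLATE[g->seg], TEMPLATE[g->seg + 1], p, &t);
    if (d2 <= THRESHOLD * THRESHOLD && t >= g->t) { g->t = t; return 0; }
    if (g->seg + 1 < NSEG && g->t >= HANDOFF) {
        d2 = seg_dist2(TEMPLATE[g->seg + 1], TEMPLATE[g->seg + 2], p, &t);
        if (d2 <= THRESHOLD * THRESHOLD) { g->seg++; g->t = t; return 0; }
    }
    g->failed = 1;
    return -1;
}

/* The gesture is complete once the last line has been traced nearly to its end. */
static int gesture_complete(const gesture *g) {
    return !g->failed && g->seg == NSEG - 1 && g->t >= 0.9f;
}

/* Run a whole sample sequence; 1 = accepted, 0 = rejected. */
static int run_gesture(const pt *samples, size_t n) {
    gesture g;
    gesture_reset(&g);
    for (size_t i = 0; i < n; i++)
        if (gesture_feed(&g, samples[i]) != 0) return 0;
    return gesture_complete(&g);
}

/* Constructed input traces, standing in for positions reported by a sensor. */
static const pt GOOD_PATH[] = { {0,0}, {0,30}, {0,60}, {0,95}, {20,100}, {60,100}, {100,100} };
static const pt DIAG_PATH[] = { {0,0}, {30,30}, {60,60} };          /* wrong shape */
static const pt BACK_PATH[] = { {0,0}, {0,50}, {0,20}, {0,95} };    /* reverses direction */
#define COUNT(a) (sizeof (a) / sizeof (a)[0])

int main(void) {
    printf("L-shape: %d, diagonal: %d, backwards: %d\n",
           run_gesture(GOOD_PATH, COUNT(GOOD_PATH)),
           run_gesture(DIAG_PATH, COUNT(DIAG_PATH)),
           run_gesture(BACK_PATH, COUNT(BACK_PATH)));
    return 0;
}
```

The two rejected traces show the two checks at work: the diagonal fails the distance threshold, and the reversing trace fails the monotonic-progress check even though every point lies on the line. Real sensor data jitters, so a device would allow a small backwards tolerance on t and, as zoomx notes, the threshold decides how many similar-but-wrong gestures get through; a passkey of this kind has very few distinguishable states compared with a word passphrase, so it is a convenience layer rather than a replacement for one.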

ag123
Posts: 824
Joined: Thu Jul 21, 2016 4:24 pm

Re: Password storage on a BluePill

Post by ag123 » Mon Dec 04, 2017 1:39 pm

Off-topic, but I googled and ran across this article about attacking Trezor, a hardware wallet for securely storing Bitcoins:
https://jochen-hoenicke.de/trezor-power-analysis/
My guess is an STM32 may be made to pretty much work like or as a Trezor clone; the vulnerabilities are likely similar.
It is rather interesting/impressive that the attack is done by doing reverse engineering from the power consumption and using an oscilloscope, without literally breaking the read protection h/w etc.
;)

RogerClark
Posts: 7538
Joined: Mon Apr 27, 2015 10:36 am
Location: Melbourne, Australia

Re: Password storage on a BluePill

Post by RogerClark » Mon Dec 04, 2017 8:31 pm

That's a very interesting article

Unfortunately, it seems to show that open source code will be inherently less secure as reference code can be run, and the power usage compared.

But ultimately, pretty much anything can be hacked if you have enough time and money

eggsylah
Posts: 6
Joined: Fri Oct 06, 2017 9:26 pm
Location: Northern Virginia, US

Re: Password storage on a BluePill

Post by eggsylah » Tue Dec 05, 2017 9:43 am

Unfortunately, it seems to show that open source code will be inherently less secure as reference code can be run, and the power usage compared.
Roger, I think you are being too pessimistic! That argument smacks too much of Security Through Obscurity to me. I believe some of the most secure implementations are indeed open sourced.

The above link is a Simple Power Analysis and for that the source code is likely to be a help. More sophisticated attacks like Differential Power Analysis perform statistical analysis and hypothesis testing to determine the cryptographic keys.
In one case of our testing, we were able to determine a DES key because some of the S-Box tables spanned the page boundary of flash memory. This resulted in a power consumption difference that was enough to break the implementation!
The bottom line is to leave secure crypto implementations to the experts! Of course, even a weak implementation is better than nothing -- but don't be overconfident of your security.

If you are interested in this sort of thing, I recommend looking at the ChipWhisperer project by Colin O'Flynn

Finally, for weaknesses in the STM32F0 it is worth reading Shedding too much Light on a Microcontroller’s Firmware Protection.
They basically use a race condition on the STM32F0 to readout the firmware. Due to hardware differences I don't believe this works on the STM32F103 chips.

Eric
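An added example, not from Eric's post, the Trezor write-up or the ChipWhisperer project, showing the simplest instance of what a power trace gives away: a check whose amount of work depends on the secret. A stored PIN is compared against three constructed guesses, once with an early-exit loop and once with a constant-time loop; a byte-compare counter stands in for the oscilloscope, since each extra loop iteration is a visible stretch of current draw. The PIN, the guesses and the work counter are all assumptions for the demonstration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define PIN_LEN 8

/* Constructed stored secret and candidate inputs (digits as ASCII bytes). */
static const uint8_t STORED[PIN_LEN]      = { '3','1','4','1','5','9','2','6' };
static const uint8_t CORRECT[PIN_LEN]     = { '3','1','4','1','5','9','2','6' };
static const uint8_t WRONG_FIRST[PIN_LEN] = { '4','1','4','1','5','9','2','6' };
static const uint8_t WRONG_LAST[PIN_LEN]  = { '3','1','4','1','5','9','2','7' };

/* Each byte comparison counts as one unit of work; on real hardware that unit is
 * a few clock cycles of current draw, which is what a scope trace shows. */

/* Early-exit compare (what memcmp-style code does): stops at the first mismatch,
 * so the amount of work reveals how many leading bytes the guess got right. */
static int compare_early_exit(const uint8_t *a, const uint8_t *b, size_t n, unsigned *work) {
    *work = 0;
    for (size_t i = 0; i < n; i++) {
        (*work)++;
        if (a[i] != b[i]) return 0;
    }
    return 1;
}

/* Constant-time compare: always touches every byte and accumulates the differences
 * with OR, so neither the loop count nor the branch pattern depends on the secret. */
static int compare_constant_time(const uint8_t *a, const uint8_t *b, size_t n, unsigned *work) {
    uint8_t diff = 0;
    *work = 0;
    for (size_t i = 0; i < n; i++) {
        (*work)++;
        diff |= (uint8_t)(a[i] ^ b[i]);
    }
    return diff == 0;
}

/* Work done by each strategy when checking a guess against the stored PIN. */
static unsigned work_early_exit(const uint8_t *guess) {
    unsigned w;
    compare_early_exit(STORED, guess, PIN_LEN, &w);
    return w;
}

static unsigned work_constant_time(const uint8_t *guess) {
    unsigned w;
    compare_constant_time(STORED, guess, PIN_LEN, &w);
    return w;
}

/* The check a device should actually use: 1 = PIN accepted, 0 = rejected. */
static int verify_pin(const uint8_t *guess) {
    unsigned w;
    return compare_constant_time(STORED, guess, PIN_LEN, &w);
}

int main(void) {
    printf("early exit:    first wrong %u ops, last wrong %u ops, correct %u ops\n",
           work_early_exit(WRONG_FIRST), work_early_exit(WRONG_LAST), work_early_exit(CORRECT));
    printf("constant time: first wrong %u ops, last wrong %u ops, correct %u ops\n",
           work_constant_time(WRONG_FIRST), work_constant_time(WRONG_LAST), work_constant_time(CORRECT));
    return 0;
}
```

With the early-exit loop the work count is 1, 8 and 8 for the three guesses, so a trace tells an observer how far a guess got; the constant-time loop does 8 units of work every time. Two caveats that fit Eric's "leave it to the experts" point: a compiler is free to rewrite the constant-time loop back into an early exit, so on real firmware you inspect the generated assembly rather than trust the C; and this only removes secret-dependent control flow, which is the SPA-level leak. It does nothing about the data-dependent power differences that DPA exploits, such as the flash page-boundary effect on the S-box tables described in the post.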
