Abstract: This paper describes the outcome of a laser attack
study on an Android smartphone targeting specifically the secure
boot sequence. Laser fault injection has become a classical
attack path in the secure chip industry to investigate potential
security mitigation. The implementation of such attacks on a
recent mobile phone remains relatively unexplored and presents
different challenges, both at hardware and software levels. In this
paper, we show how the device is crafted to get direct access
to the silicon and explain the corresponding experimental setup.
By inserting our own software into the boot sequence, it was
possible to achieve a fine characterization of the die sensitivity
to light. With the knowledge of potential perturbations, it was
possible to build an attack scenario that allows an attacker to maliciously obtain
the highest level of privilege within the mobile phone.