Hardware Security Trainer and Researcher

Joined July 2012
Joe Fitz retweeted
I've now managed to simulate a trojan flip flop extracted from an ASIC. This will be the subject of an upcoming webinar collab with @hardwear_io !
#NoTimeToDie ⚡Agents did you enroll for the secret mission for Padsec? 📽️Mission Chief Matt has a message for you➡️piped.kavin.rocks/2-korZfPkQE 🕵️Your mission: Introduce an undetectable fault into the new IC xxxxxxxxxxxx 🟢Click to accept & decode👉bit.ly/3lOVEvN #hw_io
Show this thread
0
5
0
9
Show this thread
There's red tape. Then there's green tape.
2
0
0
24
If anyone i know in Oregon wants to get involved in a security conference, BSides Portland has an open board seat. Elections are tonight at 7pm. Email, text, or comment on this post and I’ll get you the details.
1
8
0
15
Damn. I used 0603's but all I have lying around are 1206's...
11
5
0
71
Joe Fitz retweeted
Did you build something cool, interesting or deliciously geeky with a device from Crowd Supply? Send us a field report! If we publish it, you'll get $25 Crowd Supply credit and lots of hardware hacker points. More details and submit your field report ⬇️ crowdsupply.com/field-report…
0
6
0
12
Bidirectional level shifting is cursed and should be avoided at all costs. Here's a thread where I'll walk through a few of the specs you can look for to determine if you can safely just skip level shifting all together.
2
33
1
153
Most of what you want will be in the 'I/O', 'Electrical' or 'DC' characteristics part of the datasheet. You'll need to refer to the datasheet for both devices. Here's an example from the ESP8266 datasheet:
1
0
0
8
First, we need to figure out what our output voltage looks like - specifically Voh and Vol - meaning Voltage Output High and Voltage Output Low. The data sheet is telling us: outputting a 1 will raise voltage to at *least* Voh outputting a 0 will drop voltage to at *most* Vol.
1
0
0
6
The ESP8266 defines these in terms of Vio, the Votlage I/O. Let's say we run at 3.3v which is pretty standard: Voh = .8*Vio=2.64V Vol = .1*Vio=0.33V We should never see a voltage between .33 and 2.64 come out of an output pin unless it's on its way up or down.
1
0
0
4
Next, we need to look at another devices input voltages. Vil is the max voltage that will be accepted as a 0 Vih is the min voltage that will be accepted as a 1 (sometimes they're listed as ranges too) (Vdd is the same as Vio on this chip) Take a look at this ATSAMD datasheet:
1
0
0
5
Let's say this device is running at 1.8v (called Vdd here) Vil=.25*Vdd=.45v Vih=.7*Vdd=1.26v Now, Vol is less than Vil, so all 0s will be read as 0's Voh is higher than Vih, so all 1s will be read as 1's But, Voh is pretty high and we don't want to fry our 1.8v device:
1
0
0
5
Our Absolute Maximum Ratings tells whether our pins are '3.3v tolerant': Vpin = Vdd+.06 = 2.4v Since the Voh is higher - 2.64v - that tells us that our 3.3v ESP is going to put the 1.8v ATSAMD out of spec by putting too much voltage on the input pin. We shouldn't do this!
1
0
0
5
We can often work around this in one direction by putting a resistor in line to reduce the voltage from the ESP out put to the SAMD input. But what size? Look at the datasheet for Iih - Current (i) input high, Ii - current input, or Ileak - input leakage current:
1
0
0
6
Here, we see only 1 microamp (10^-6) will flow over that wire (that's tiny!). We need to change our Vout of 2.64 to 3.3v into a Vin of 1.26 to 2.4v. Dropping Vout by 1 volt should put our Vout range fully inside the Vin range v=ir -> r=v/i (1)/(10^-6) = 1M ohm! (that's a lot!)
3
0
0
5
This is unidirectional. We have to repeat the process with the 1.8v ATSAMD Vout settings and the ESP8266 Vin settings. Vdd= 1.8v; Voh=.9*Vdd=1.62 Vio= 3.3v; Vih=.75*Vio=2.48 This isn't going to work :(
1
0
0
5
It's usually easy to slap on a resistor so a high voltage device can talk to a low voltage device. It usually not possible to get a low voltage device to 'talk' loud enough so a '1' makes it through to the high voltage device.
1
0
0
6
Sometimes we get lucky. Looking at Vih for a few different devices at 3.3v: ESP8266 = 2.48v ATSAMD = .55*Vdd=1.82v ATMEGA32U4 = 0.2*Vcc+.9=1.56v ATMEGA328P = 0.6*Vcc = 1.98v
1
0
0
4
so - the ATMEGA32U4 running at 3.3v has a Vih low enough to 'see' the Voh of a 1.8v ATSAMD while both operate in-spec In practice, you can expect things to work better than spec. I'll tell you the ATSAMD and ATMEGA328p can both consistently see 1.8v '1's but the ESP8266 can't
1
0
0
6
Hope this thread explains the thought process, necessary research, and calculation. This is EE desk work I usually skip when hacking things together - but is essential to consider when actually building reliable electronics.
6
2
0
24