Measuring Billions of Traces Per Day using Segmented Memory
Side Channel Analysis (SCA) attacks generally speaking consisting of three phases: acquisition, pre-processing and analysis. The time it takes to …
Read moreLatest Posts
Espressif ESP32: Glitching The OTP Data Transfer
Modern System-on-Chips (SoCs) include security critical features which are often configured securely using One-Time Programmable (OTP) bits, often …
Read moreEspressif ESP32: Breaking HW AES with Electromagnetic …
In our previous blog post, we’ve shown how we extracted the secret key from the ESP32’s hardware AES accelerator using a Power Analysis …
Read moreEspressif ESP32: Breaking HW AES with Power Analysis
Side Channel Analysis (SCA) attacks are commonly used for extracting the secret key of cryptographic engines found in modern devices. They exploit …
Read moreVulnerable tzdemuxerservice TA on Samsung TVs (J-series)
We often analyze the security of devices that implement a Trusted Execution Environment (TEE) and the information described in this post is a result …
Read moreQualcomm IPQ40xx: Achieving QSEE Code Execution
In this post we finally dive into our approach for exploiting the vulnerabilities we’ve identified in QSEE, Qualcomm’s Trusted Execution …
Read more