AES-256 Is Not Enough: Breaking a Bootloader | Details | Hackaday.io
- Added on 2023-08-13
- Page: http://hackaday.io/project/956/log/10108-aes256-is-not-enough-breaking-a-bootloader
- See on Internet Archive
- #security #crypto #aes
I'd been pushing hard trying to get a demo of how you can break an AES-256 bootloader. This type of bootloader is often used in products for protecting firmware updates and a good demonstration of why you should care about side channel attacks as an embedded engineer.
It's not pretty but it does work, so I wanted to put some documentation and details up here. To start with, what bootloader should I target? I don’t want to give someone a bad name, since the point of this blog post is that any similar bootloader can be attacked. For this reason I’ve chosen to implement my own, but basing it on a number of real bootloaders I studied.
Hopefully this will demonstrate that it's not enough just to check the box that says 'AES', even if you've done everything else right (not using ECB mode, etc.).