4601

This is a simple and cheap device for all kinds of non-invasive attacks on protected MCUs and SmartCards (including credit cards!). Won't outperform a 3000$ variant of fully digital FPGA-based ChipWhisperer, but will work better as a learning/training platform for non-invasive tweaking attacks, thanks to fully accessible and observable signal paths.


I got inspired for this project after I saw this ruthless destruction of aĀ  credit card :) https://www.elektormagazine.com/news/what-is-inside-my-credit-card .

Protected secrets like credit card PINs, or protected MCU firmware can be extracted using different non-invasive attacks (attacks performed without decapsulating the silicon die). These attacks are usually based of various fault-injections - or inputting badly formattedĀ  input data, or sending signals of incorrect amplitude and frequency. Lowering supply voltage or abruptly cutting the power will also make the DUT (device under test- or actually attack) perform some uncontrolled action and hopefully reveal its secrets.

Using a combination of analogue and digital circuits, all controlled by a simple Atmega8, this device can succeed in defeating many protected DUTs, and still work as a good learning/training platform, better than a fully digital FPGA-based ChipWhisperer:
https://www.newae.com/chipwhisperer .
Ā 
Besides this, you will need an average digital oscilloscope/logic probe, an analogue oscilloscope with a 100-200MHz bandwidth, and PC running software like Matlab and/or LabView for acquisition and processing of captured signals. Ā