Explore the security vulnerabilities of Hardware Security Modules (HSMs) in this conference talk from Recon 2017. Delve into the evaluation of the Utimaco SecurityServer, focusing on its Texas Instruments TMS320C64x DSP architecture. Learn about the unique features of this exotic architecture, including multiple functional units and parallel command execution. Discover the challenges in disassembling the firmware and how the capstone disassembler was extended to address these issues. Follow the methodology used to uncover a vulnerability in the HSM's firmware, gaining insights into reverse engineering techniques for specialized hardware. Understand the critical role of HSMs in web security, digital signatures, and DNSSEC, and the potential implications of their vulnerabilities.
Hackable Security Modules - Reversing and Exploiting a FIPS 140-2 Lvl 3 HSM Firmware
Overview
Syllabus
Recon 2017 Brx - Hackable Security Modules Reversing and exploiting a FIPS 140-2 lvl 3 HSM firmware
Taught by
Recon Conference
Related Courses
-
Reversing and Exploiting Broadcom Bluetooth
-
Reversing an M32C Firmware - Lessons Learned from Playing with an Uncommon Architecture
-
Exploitation of a Hardened MSP430-Based Device - Braden Thomas - Ekoparty Security Conference - 2014
-
Hardware Security Module - Executing Unsigned Code in HSM TEE
-
Static Analysis-Based Recovery of Service Function Calls in UEFI Firmware
-
Breaking Firmware Trust From Pre-EFI - Exploiting Early Boot Phases
