Hackable Security Modules: Reversing and exploiting a FIPS 140-2 level 3 HSM firmware
By: Fotis Loukos
Scheduled on: January 28 at 15:00
From Web PKI and digital signatures to PCI-DSS and DNSSEC, a large part of the security industry currently depends on dedicated cryptographic modules, the so-called Hardware Security Modules (HSMs), to implement cryptography. Every certificate used on the web has been signed by a key stored inside an HSM, and every time a DNSSEC query is validated, root keys generated by such an HSM are used.
In this presentation, the security of one such device, the Utimaco SecurityServer, will be evaluated. Inside the device, a Texas Instruments TMS320C64x DSP performs all operations. Compared to x86, x86_64, ARM, MIPS and other common architectures, the TMS320C64x is exotic: it has multiple functional units, each with its own set of assembly instructions, and it can execute multiple instructions in parallel. This architecture, its ABI and a short introduction to its memory organization will be presented. The research then focuses mostly on the device's firmware. Because IDA Pro is unable to disassemble the files correctly, and very few tools exist for this architecture, the Capstone disassembler was extended with support for the TMS320C64x architecture. Finally, a vulnerability in the HSM's firmware will be presented, together with the methodology used to find the bug.