This mini-module is designed as a compact and concise introduction to various hardware attacks.
It serves to cover three specific topics:
- Uncovering risks associated with Bluetooth technology and various Bluetooth hacking methods.
- Learning about cryptanalysis side-channel attacks.
- Understanding microprocessor vulnerabilities.
In the first section, we explore the historical aspect of Bluetooth hacking, detailing various legacy attacks such as Bluebugging. As we move into the contemporary era of Bluetooth hacking, we examine more sophisticated attacks such as BlueBorne, KNOB and BIAS.
Next, we transition into cryptanalysis side-channel attacks. We look at a brief history and the principles of cryptanalysis before delving into different types of side-channel attacks, including timing attacks and power-monitoring attacks.
Subsequently, we shift our attention towards microprocessors, the core of any computing device. You'll learn a bit about their design process, encompassing physical design and verification. Furthermore, we'll discuss a few optimisation strategies, such as speculative execution.
The final section will look at microprocessor vulnerabilities, focusing on Meltdown and a few mitigation strategies, including Kernel Page-Table Isolation (KPTI).
CREST CCT INF-related Sections:
- All sections
In this digital age, understanding potential vulnerabilities and their mitigation is paramount. However, these vulnerabilities are not purely software-based. Significant threats exist that a simple software update cannot resolve. Hardware security requires serious consideration, extending from specific technologies like Bluetooth to the microchips powering our digital age.
This mini-module provides a theoretical focus on Bluetooth hacking methods, cryptanalysis side-channel attacks, and microprocessor vulnerabilities.
Bluetooth technology, designed for short-range wireless communication between devices, is ubiquitous in today's digital era. Despite its convenience, it opens up a new attack surface for hackers. In this section, we'll dive into several types of Bluetooth hacking:
- Bluesnarfing: A cyber-attack involving unauthorised access to information on wireless devices through Bluetooth.
- Bluejacking: An attack that sends unsolicited messages to Bluetooth-enabled devices.
- BlueSmacking: A Denial-of-Service attack that overwhelms a device's Bluetooth connection.
- Bluebugging: A technique used to gain control over a device via Bluetooth.
- BlueBorne: A set of vulnerabilities that allow attackers to take control of devices, spread malware, or perform other malicious activities via Bluetooth.
- KNOB (Key Negotiation of Bluetooth): An attack that manipulates the encryption key negotiation during Bluetooth connection establishment, weakening security.
- BIAS (Bluetooth Impersonation AttackS): An attack that exploits a vulnerability in the pairing process, allowing an attacker to impersonate a trusted device.
Cryptanalysis Side-Channel Attacks
Cryptanalysis side-channel attacks are an intriguing topic in cybersecurity. Rather than relying on brute force or on theoretical weaknesses in an algorithm, these attacks use information leaked by the physical implementation and operation of a computer system. We'll discuss:
- A short history of side-channel attacks
- Timing Attacks: These exploit the correlation between the computation time of cryptographic algorithms and the secrets they process.
- Power-Monitoring Attacks: These monitor the power consumption of a device to determine what data it is processing.
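The timing-attack item above is easiest to see in code. The following is an added example and is not part of the module material: a small C program that compares an early-exit byte comparison with a constant-time one. Instead of noisy cycle counts, it counts the byte comparisons each routine performs as a deterministic stand-in for execution time, which is enough to show why one leaks and the other does not. The secret value, the function names (leaky_compare, ct_compare, make_guess) and the work-counting convention are all constructed for this illustration.

```c
/* Added illustration of a timing side channel (not part of the module text).
 * The "work" counter stands in for elapsed time: each byte comparison is one
 * unit of work, which makes the leak visible without noisy cycle counters. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define SECRET_LEN 8
/* Constructed sample secret used only for this demonstration. */
static const uint8_t SECRET[SECRET_LEN + 1] = "hunter2!";

/* Early-exit comparison. Returns 1 if the buffers are equal. *work receives
 * the number of byte comparisons performed; for a wrong guess this equals
 * (length of the matching prefix + 1). The routine's duration therefore
 * depends on the secret, so anyone able to time it learns how many leading
 * bytes of a guess are correct. */
int leaky_compare(const uint8_t *secret, const uint8_t *guess, size_t n,
                  size_t *work)
{
    size_t i;
    *work = 0;
    for (i = 0; i < n; i++) {
        (*work)++;
        if (secret[i] != guess[i])
            return 0;
    }
    return 1;
}

/* Constant-time comparison. Every byte is always examined and the
 * differences are folded together with OR, so neither the work done nor the
 * control flow depends on where (or whether) the inputs differ. */
int ct_compare(const uint8_t *secret, const uint8_t *guess, size_t n,
               size_t *work)
{
    uint8_t diff = 0;
    size_t i;
    *work = 0;
    for (i = 0; i < n; i++) {
        (*work)++;
        diff |= (uint8_t)(secret[i] ^ guess[i]);
    }
    /* Branch-free mapping: diff == 0 -> 1, any non-zero diff -> 0. */
    return (int)((((uint32_t)diff - 1u) >> 31) & 1u);
}

/* Build a guess whose first `prefix` bytes match SECRET and whose remaining
 * bytes are all wrong (each is the bitwise complement of the true byte). */
static void make_guess(uint8_t *guess, size_t prefix)
{
    size_t i;
    for (i = 0; i < SECRET_LEN; i++)
        guess[i] = (i < prefix) ? SECRET[i] : (uint8_t)(SECRET[i] ^ 0xFFu);
}

/* Work done by the early-exit compare for a guess with `prefix` correct bytes. */
size_t leaky_work_for_prefix(size_t prefix)
{
    uint8_t guess[SECRET_LEN];
    size_t work;
    make_guess(guess, prefix);
    leaky_compare(SECRET, guess, SECRET_LEN, &work);
    return work;
}

/* Work done by the constant-time compare for the same guess. */
size_t ct_work_for_prefix(size_t prefix)
{
    uint8_t guess[SECRET_LEN];
    size_t work;
    make_guess(guess, prefix);
    ct_compare(SECRET, guess, SECRET_LEN, &work);
    return work;
}

/* 1 if the constant-time compare accepts the guess (only a full match does). */
int ct_accepts_prefix(size_t prefix)
{
    uint8_t guess[SECRET_LEN];
    size_t work;
    make_guess(guess, prefix);
    return ct_compare(SECRET, guess, SECRET_LEN, &work);
}

int main(void)
{
    size_t p;
    printf("correct prefix  early-exit work  constant-time work\n");
    for (p = 0; p <= SECRET_LEN; p++)
        printf("%14zu  %15zu  %18zu\n", p,
               leaky_work_for_prefix(p), ct_work_for_prefix(p));
    return 0;
}
```

Running the program prints a table in which the early-exit column climbs by one for every additional correct byte while the constant-time column stays fixed at 8. That climbing column is the side channel: a real attacker measures time rather than a counter, but the dependency is the same. Power-monitoring attacks exploit the analogous data-dependent variation in a device's power trace, and the same remedy applies: make the work performed independent of the secret.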
Microprocessors form the backbone of any computational device. However, their complex design and optimisation strategies often introduce vulnerabilities. We'll explore what microprocessors are, two notorious microprocessor vulnerabilities, and mitigation strategies such as:
- Retpoline: A binary modification technique used to thwart branch target injection.
- Compiler modifications
- Kernel Page Table Isolation (KPTI): A technique used to isolate the kernel's memory space from user space processes.
- Microcode updates