Laser hacking. If there’s one phrase that says we’re already living in the future I imagined as a kid, it’s laser hacking, or to give one method its more technical term, “laser fault injection”. While laser-based hacking techniques aren’t exactly new, you’d usually need advanced and expensive machinery to pull off such an advanced trick.
However, two hackers at the security firm NetSPI plan to present their open source, 3D printable solution, called the RayV Lite, at the Black Hat cybersecurity conference in Las Vegas later this week (via Wired). Costing just $500 to construct and using many off-the-shelf components, the duo hope that the device will bring laser hacking to the masses.
First, a primer: Modern chips use transistors that are incredibly small. So small, in fact, that they’re vulnerable to tiny variations in charge. Laser hacking devices using the laser fault injection method use a precisely targeted and timed laser blast (a sentence I always wanted to write) to knock electrons out of place and cause a glitch on the chip.
By identifying an exact time and place to focus the laser, hackers can potentially disrupt hardware security measures and gain access to all sorts of chip capabilities that would otherwise be under lock and (hardware) key.
Normally, you’d need some serious hardware and a whole lot of cash to achieve such an effect. However, Sam Beaumont and Larry “Patch” Trowell have designed a tool that uses a set of relatively cheap and widely available components, including a $20 laser pointer, a Raspberry Pi, and an open source 3D printed microscope design to achieve the same effect.
The creators hope to encourage hardware manufacturers to secure chips against laser hacking methods, after being told by clients that laser fault injection and similar methods of attack were too expensive to enact and therefore not a high priority to secure against. By creating a device that supposedly costs a mere $500 to build, they hope to show that such attacks are now within reach of DIYers and hobbyists.
“We’re not discovering anything new, in the sense that other people have used lasers this way before,” says Beaumont. “We’re doing it at a lower cost, so that people can do this in their homes.”
In testing, glitching one automotive chip with a laser bypassed a security check, which allowed the hackers to scan through its code to identify vulnerabilities. Cryptocurrency wallets protected by a PIN are vulnerable too, according to the researchers:
“You take the chip off the crypto wallet, hit it with a laser at the right time, and it will just assume you have the PIN. It just jumps through the instructions and gives the key back.”
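To show why a single well-timed glitch is enough against a simple PIN check, and what a firmware-side countermeasure looks like, here is an added example (not code from the article, NetSPI, or any wallet vendor). The fault model, the PIN values and the result constants are constructed assumptions: one comparison per attempt is forced to pass, as if the branch after it had been skipped.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed result codes with a large Hamming distance, so a zeroed or
   bit-flipped register never reads as "granted". */
#define PIN_OK   0x3CA5965Au
#define PIN_FAIL 0xC35A69A5u

/* Constructed sample data. */
static const uint8_t STORED_PIN[4]  = {4, 9, 1, 7};
static const uint8_t WRONG_GUESS[4] = {0, 0, 0, 0};

/* Fault model (assumption): at most one comparison per attempt is forced to
   "equal", as if the branch that follows it had been skipped. */
static int glitch_step = -1, step = 0;

static int compare(const uint8_t *a, const uint8_t *b, size_t n) {
    uint8_t diff = 0;
    for (size_t i = 0; i < n; i++) diff |= (uint8_t)(a[i] ^ b[i]);
    return (step++ == glitch_step) ? 1 : (diff == 0);
}

/* Before: a single decision point stands between the guess and the key. */
uint32_t check_naive(const uint8_t *guess, size_t n, int glitch) {
    step = 0; glitch_step = glitch;
    return compare(guess, STORED_PIN, n) ? PIN_OK : PIN_FAIL;
}

/* After: default is denial, and three independent comparisons must agree. */
uint32_t check_hardened(const uint8_t *guess, size_t n, int glitch) {
    volatile uint32_t result = PIN_FAIL;
    volatile unsigned passes = 0;
    step = 0; glitch_step = glitch;
    for (int i = 0; i < 3; i++)
        if (compare(guess, STORED_PIN, n)) passes++;
    if (passes == 3) result = PIN_OK;
    return result;
}

int main(void) {
    printf("naive, wrong PIN, one glitch:    %s\n",
           check_naive(WRONG_GUESS, 4, 0) == PIN_OK ? "granted" : "denied");
    for (int g = 0; g < 3; g++)
        printf("hardened, wrong PIN, glitch @%d: %s\n", g,
               check_hardened(WRONG_GUESS, 4, g) == PIN_OK ? "granted" : "denied");
    return 0;
}
```

Redundant checks only raise the number of precisely timed faults an attacker needs; the final `passes == 3` test is itself a decision point that this simplified model does not fault.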
The first version of the tool will focus on laser fault injection, while a later version is planned to make use of a different method using laser logic state imaging. This more advanced technique uses a laser to monitor a chip’s architecture and activity to map out data as it’s being processed, revealing vulnerabilities that can later be exploited.
While laser-based hacking methods seem like something that’s come straight from the pages of science fiction novels, it seems like this tool has a good chance of enabling a new generation of hobbyists to start messing with the precious electrons flowing around our electronic devices.
While security is the primary concern here, having access to a relatively cheap tool that can target, disrupt, and reveal the inner workings of immensely complicated silicon will hopefully further the understanding of many. Either that, or your hardware crypto wallet just became a whole lot more vulnerable to the tyranny of lasers, rather than simply being prone to slipping down the back of the sofa—or given the volatility of the crypto market, an occasionally expensive paperweight.