Showing 1–2 of 2 results for author: Heckmann, T

A forensic analysis of the Google Home: repairing compressed data without error correction

Authors: Hadrien Barral, Georges-Axel Jaloyan, Fabien Thomas-Brans, Matthieu Regnery, Rémi Géraud-Stewart, Thibaut Heckmann, Thomas Souvignet, David Naccache

Abstract: This paper provides a detailed explanation of the steps taken to extract and repair a Google Home's internal data. Starting with reverse engineering the hardware of a commercial off-the-shelf Google Home, internal data is then extracted by desoldering and dum** the flash memory. As error correction is performed by the CPU using an undisclosed method, a new alternative method is shown to repair a… ▽ More This paper provides a detailed explanation of the steps taken to extract and repair a Google Home's internal data. Starting with reverse engineering the hardware of a commercial off-the-shelf Google Home, internal data is then extracted by desoldering and dum** the flash memory. As error correction is performed by the CPU using an undisclosed method, a new alternative method is shown to repair a corrupted SquashFS filesystem, under the assumption of a single or double bitflip per gzip-compressed fragment. Finally, a new method to handle multiple possible repairs using three-valued logic is presented. △ Less

Submitted 29 September, 2022; originally announced October 2022.

Comments: 28 pages, modified version of paper that appeared originally at Forensic Science International: Digital Investigation

Journal ref: Forensic Science International: Digital Investigation, Volume 42, 2022, 301437, ISSN 2666-2817

Physical Fault Injection and Side-Channel Attacks on Mobile Devices: A Comprehensive Analysis

Authors: Carlton Shepherd, Konstantinos Markantonakis, Nico van Heijningen, Driss Aboulkassimi, Clément Gaine, Thibaut Heckmann, David Naccache

Abstract: Today's mobile devices contain densely packaged system-on-chips (SoCs) with multi-core, high-frequency CPUs and complex pipelines. In parallel, sophisticated SoC-assisted security mechanisms have become commonplace for protecting device data, such as trusted execution environments, full-disk and file-based encryption. Both advancements have dramatically complicated the use of conventional physical… ▽ More Today's mobile devices contain densely packaged system-on-chips (SoCs) with multi-core, high-frequency CPUs and complex pipelines. In parallel, sophisticated SoC-assisted security mechanisms have become commonplace for protecting device data, such as trusted execution environments, full-disk and file-based encryption. Both advancements have dramatically complicated the use of conventional physical attacks, requiring the development of specialised attacks. In this survey, we consolidate recent developments in physical fault injections and side-channel attacks on modern mobile devices. In total, we comprehensively survey over 50 fault injection and side-channel attack papers published between 2009-2021. We evaluate the prevailing methods, compare existing attacks using a common set of criteria, identify several challenges and shortcomings, and suggest future directions of research. △ Less

Submitted 22 March, 2022; v1 submitted 10 May, 2021; originally announced May 2021.

Journal ref: Computers & Security. 111 (2021) 102471