A forensic analysis of the Google Home: repairing compressed data without error correction
Authors:
Hadrien Barral,
Georges-Axel Jaloyan,
Fabien Thomas-Brans,
Matthieu Regnery,
Rémi Géraud-Stewart,
Thibaut Heckmann,
Thomas Souvignet,
David Naccache
Abstract:
This paper provides a detailed explanation of the steps taken to extract and repair a Google Home's internal data. Starting with reverse engineering the hardware of a commercial off-the-shelf Google Home, internal data is then extracted by desoldering and dum** the flash memory. As error correction is performed by the CPU using an undisclosed method, a new alternative method is shown to repair a…
▽ More
This paper provides a detailed explanation of the steps taken to extract and repair a Google Home's internal data. Starting with reverse engineering the hardware of a commercial off-the-shelf Google Home, internal data is then extracted by desoldering and dum** the flash memory. As error correction is performed by the CPU using an undisclosed method, a new alternative method is shown to repair a corrupted SquashFS filesystem, under the assumption of a single or double bitflip per gzip-compressed fragment. Finally, a new method to handle multiple possible repairs using three-valued logic is presented.
△ Less
Submitted 29 September, 2022;
originally announced October 2022.
Physical Fault Injection and Side-Channel Attacks on Mobile Devices: A Comprehensive Analysis
Authors:
Carlton Shepherd,
Konstantinos Markantonakis,
Nico van Heijningen,
Driss Aboulkassimi,
Clément Gaine,
Thibaut Heckmann,
David Naccache
Abstract:
Today's mobile devices contain densely packaged system-on-chips (SoCs) with multi-core, high-frequency CPUs and complex pipelines. In parallel, sophisticated SoC-assisted security mechanisms have become commonplace for protecting device data, such as trusted execution environments, full-disk and file-based encryption. Both advancements have dramatically complicated the use of conventional physical…
▽ More
Today's mobile devices contain densely packaged system-on-chips (SoCs) with multi-core, high-frequency CPUs and complex pipelines. In parallel, sophisticated SoC-assisted security mechanisms have become commonplace for protecting device data, such as trusted execution environments, full-disk and file-based encryption. Both advancements have dramatically complicated the use of conventional physical attacks, requiring the development of specialised attacks. In this survey, we consolidate recent developments in physical fault injections and side-channel attacks on modern mobile devices. In total, we comprehensively survey over 50 fault injection and side-channel attack papers published between 2009-2021. We evaluate the prevailing methods, compare existing attacks using a common set of criteria, identify several challenges and shortcomings, and suggest future directions of research.
△ Less
Submitted 22 March, 2022; v1 submitted 10 May, 2021;
originally announced May 2021.