Glitching an Android Smartphone

A project log for ChipWhisperer®: Security Research

ChipWhisperer laughs at your AES-256 implementation. But it laughs with you, not at you.

Colin O'Flynn, 09/21/2014 at 01:06

Here's another interesting glitch attack: a regular smartphone. I've made a small demo video to show you what happens. I just presented this at the HTCIA Atlantic conference here in Halifax, NS, Canada, so I thought I'd share it more widely, as I bet it's of interest to you. I couldn't get the embedded video to work on this project log, so here's a link to it on YouTube (you can't actually click the image, sorry):

The details are similar to my Linux glitch demo from below, so I won't duplicate too much. It uses a MOSFET again to cause the glitch, which shorts the power pins to the SoC device on the Android phone. My target code is again a double-loop which increments a variable.

Again I'm able to glitch the application without crashing the phone or causing other negative effects! This is pretty interesting as it shows you can cause incorrect data to be processed... this could cause anything from bypassing the lock screen to inserting faults in the encryption running on your phone.
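
A double-loop target of the kind described above can be sketched as follows. This is an added example, not the code used in the demo; the loop bounds, the names and the clean-result check are assumptions. It shows why such a loop makes a fault visible: a fault-free run always ends with the same three values, so any deviation means the CPU processed incorrect data while the program kept running.

```c
#include <stdint.h>
#include <stdio.h>

#define OUTER 500u   /* assumed loop bounds, not taken from the post */
#define INNER 500u

struct loop_result {
    uint32_t i, j, cnt;   /* final loop indices and total increments */
};

/* volatile keeps the compiler from folding the loops into a constant,
   so every increment is a real load/add/store the CPU must execute. */
struct loop_result run_double_loop(uint32_t outer, uint32_t inner)
{
    volatile uint32_t i = 0, j = 0, cnt = 0;
    for (i = 0; i < outer; i++)
        for (j = 0; j < inner; j++)
            cnt++;
    struct loop_result r = { i, j, cnt };
    return r;
}

/* Returns 1 if the run matches fault-free execution, 0 if any value is off.
   Checking the indices as well as the count also catches a fault that
   skipped or repeated iterations in a way that left the total looking sane. */
int result_is_clean(struct loop_result r, uint32_t outer, uint32_t inner)
{
    uint32_t expect_j = outer ? inner : 0u;   /* inner loop never ran if outer == 0 */
    return r.i == outer && r.j == expect_j && r.cnt == outer * inner;
}

int main(void)
{
    /* Repeat the computation and report each run; the process surviving
       with a wrong result is the silent data corruption of interest. */
    for (unsigned run = 0; run < 5; run++) {
        struct loop_result r = run_double_loop(OUTER, INNER);
        printf("run %u: i=%u j=%u cnt=%u %s\n", run,
               (unsigned)r.i, (unsigned)r.j, (unsigned)r.cnt,
               result_is_clean(r, OUTER, INNER) ? "ok" : "FAULT: wrong result");
    }
    return 0;
}
```

The same compare-against-known-result check is what a redundancy-based countermeasure does in production code: compute twice, or verify against an invariant, and refuse to act on a mismatch.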