SANS Community Nights are a great way to stay in touch with your local InfoSec community and to hear the latest in technical wizardry, industry intelligence, and thought leadership from our amazing instructors.
Join us at:
The University of Queensland City Campus,
308 Queen Street
Brisbane QLD 4000.
View the agenda below:
Wednesday, October 16, 2024
5:30 pm – 6:00 pm
Registration and Drinks
6:00 pm-7:00 pm
Presentation
Title: Unlocking Secrets: Pulseview & Side-Channel Timing Attacks on a Keypad Safe presented by SANS Principal Instructor Monta Elkins.
Abstract:
In this demo of hardware hacking, we'll introduce PulseView - the 'Wireshark of hardware hacking' - and demonstrate a technique to unlock a keypad safe. Our method? A Side-Channel Timing Attack, which relies on the timing discrepancies in the user interface.
Using an affordable logic analyser (priced under $20), we'll capture microsecond changes in response times tied to incorrect passcodes. By leveraging this side-channel data, we will carefully decipher the true passcode of the safe.
Unique Approach:
Traditional hacking often focuses on software vulnerabilities to exfiltrate sensitive data. In this demonstration, we will show how the timing of system responses can leak data without any traditional vulnerabilities. This approach emphasises the power and subtlety of side-channel attacks in extracting valuable information.
Insights for Attendees:
- Understand how a side-channel timing attack works to reveal sensitive data.
- Learn about the key functionality of logic analysers and the PulseView software, often called the 'Wireshark of hardware hacking.'
- Gain practical knowledge on how to utilise changes in response time to recover the passcode of a keypad safe.
Join us for this insightful session to explore the intricacies of hardware hacking and enhance your cybersecurity skill set with real-world applications and techniques.