The common assumption is that the physical attacks are impossible to conduct by an entry-level hacker. This talk will challenge this belief by showing that with only open-source tooling and dirt-cheap equipment, it is possible to successfully attack such devices. This session will show how to extract AES key with SCA and bypass a security check with FI on a real device created for a hardware CTF.
Learning Objectives: 1: Challenge the belief of extreme complexity of hardware attacks. 2: Observe a real-life attack on an IoT device using the cheapest equipment. 3: Learn about a number of ways to mitigate the risk of a physical compromise.