30 Oct '17, 8pm

Pull Passwords Out of Silicon

Pull Passwords Out of Silicon

[q3k] got tipped off to a very cool problem in the ongoing Pwn2Win capture-the-flag, and he blew it out of the water by decoding the metal interconnect layers that encode a password in a VLSI IC . And not one to rent someone else’s netlist extraction code, he did it by writing his own . The problem in the Pwn2Win CTF came in the form of the design files for a hypothetical rocket launch code. The custom IC takes an ASCII string as input, and flips a pin high if it matches. Probably the simplest way to do this in logic is to implement a shift register that’s long enough for the code string’s bits, and then hard-wire some combinatorial logic that only reads true when all of the individual bits are correct. (No, you don’t want to implement a password-checker this way — it means that you could simply brute-force the password far too easily — but such implementations have been s...

Full article: https://hackaday.com/2017/10/30/pull-passwords-out-of-sil...

Tweets

Silicon Valley was Built on Tubes of Glass

hackaday.com 02 Nov '17, 2pm

Yes, what I recall from reading was that De Forest could only see the tube as an amplifier. Armstrong in coming up with re...

puppet-autostager (0.0.13): Create a puppet env...

rubygems.org 29 Oct '17, 3pm

RubyGems.org is the Ruby community’s gem hosting service. Instantly publish your gems and then install them . Use the API ...