Author Topic: EEVblog #771 - Electronic Safe Lock Powerline Attack Part 2  (Read 30336 times)


Offline EEVblogTopic starter

Dave does some more quick basic testing of the La Gard Basic digital safe lock, for any obvious power line exploits.
Part 1 is here


 

Offline miguelvp

Re: EEVblog #771 - Electronic Safe Lock Powerline Attack Part 2
« Reply #1 on: July 24, 2015, 02:03:49 am »
To find out the first 2 digits (if you could tell 100% if the sequence is good or bad)
100 × 14 seconds (2-second keypresses, 10 seconds wait, 2 seconds to analyze the result) (also including 0X as a start sequence)

So that will take 24 minutes max. I guess with an MCU assisting the analysis and timing you could reduce it to around 20 minutes.

3rd, 4th & 5th digit: 140 seconds per digit manually, or 2 minutes MCU assisted.

So far 26 minutes worst case MCU assisted or a bit above 30 minutes manually.

The last digit: you get 3 attempts at 42 seconds per attempt, then wait the penalty time and repeat the next 3 digits, penalty, next 3 digits and bingo.

Total, about 32 minutes with the help of the scope to wait for the shutdown, plus add 3 lockdowns (15 minutes or 30 minutes depending on whether it's a 5-minute lockdown or a 10-minute one).

So if you are pretty organized and you are unlucky and the last guess is the right one, well, about 45 minutes to one hour depending on the lockdown time.

But that is "IF" the patterns between right/wrong sequences are more discernible than what is shown in the video.
 

Offline Xenon Photon

Re: EEVblog #771 - Electronic Safe Lock Powerline Attack Part 2
« Reply #2 on: July 24, 2015, 04:47:10 am »
Will the micro reset and clear the incorrect password count or the 5-minute lockout if you disconnect the 9V battery and discharge the caps (wait a few seconds or short the terminals)?

#Edit - Partially answered before ... but how about the 3 tries before the lockout? Does it record in EEPROM how many wrong passwords are entered?

I did not see a big capacitor inside. It may be possible to override the lockout by disconnecting and reconnecting power, unless the safe does not open for 10 minutes after "replacing the battery".

It doesn't reset, I tried that.
It can't write the timer value to the EEPROM because that would kill it, and can't use SRAM obviously, so it must write one bit to the EEPROM saying it's in lockout mode. Upon power up, if that bit is set it waits 5 minutes, otherwise it starts working right away.
« Last Edit: July 24, 2015, 05:05:34 am by Xenon Photon »
 

Offline miguelvp

Re: EEVblog #771 - Electronic Safe Lock Powerline Attack Part 2
« Reply #3 on: July 24, 2015, 05:11:04 am »
It would be easier to undo the white knob and let the retaining screw fall inside the safe. That will give you a big hole but not sure if the angle from there to the lock would permit you to drill into the solenoid or if you know the right measurements right on the pin.

Maybe taking out that handle only gives you access to the screw and you have to mechanically rotate it from the outside to get the retaining big screw out.

Then again if you know the dimensions on where to drill you could probably cut the retaining pin going through both plates and the lock enclosure.

Or maybe with an angle to avoid the extra plate to make it easier.
 

Offline Fungus

Re: EEVblog #771 - Electronic Safe Lock Powerline Attack Part 2
« Reply #4 on: July 24, 2015, 06:02:58 am »
I've mentioned several times that pushing the multi-function knob to set values is a huge fail. Good to see that Dave agrees.

PS: They should change it so you can press the corresponding menu button again to select the value.
« Last Edit: July 24, 2015, 06:22:58 am by Fungus »
 

Offline EEVblogTopic starter

Re: EEVblog #771 - Electronic Safe Lock Powerline Attack Part 2
« Reply #5 on: July 24, 2015, 07:08:26 am »
Quote
I've mentioned several times that pushing the multi-function knob to set values is a huge fail. Good to see that Dave agrees.

I like the convenience and obviousness of it, I think it's just a bit fiddly.
 

Offline firewalker

Re: EEVblog #771 - Electronic Safe Lock Powerline Attack Part 2
« Reply #6 on: July 24, 2015, 07:16:42 am »
I don't believe that the designer took any special measures (in the code part) to prevent those kinds of attacks.

Alexander.
Become a realist, stay a dreamer.

 

Offline hendorog

Re: EEVblog #771 - Electronic Safe Lock Powerline Attack Part 2
« Reply #7 on: July 24, 2015, 07:20:11 am »
Quote
I've mentioned several times that pushing the multi-function knob to set values is a huge fail. Good to see that Dave agrees.

I like the convenience and obviousness of it, I think it's just a bit fiddly.

It's slightly more reliable to push and hold the knob in while highlighting the option. Then release it to select.
 

Offline Fungus

Re: EEVblog #771 - Electronic Safe Lock Powerline Attack Part 2
« Reply #8 on: July 24, 2015, 08:39:58 am »
Quote
I've mentioned several times that pushing the multi-function knob to set values is a huge fail. Good to see that Dave agrees.
Quote
I like the convenience and obviousness of it, I think it's just a bit fiddly.
There's no reason why they can't do it both ways (push knob or menu button)- make everybody happy.
 

Offline Hoodaly

Re: EEVblog #771 - Electronic Safe Lock Powerline Attack Part 2
« Reply #9 on: July 24, 2015, 08:51:50 am »
I think that the pattern is very clear from the measurements you made:
On a button press we see a medium dip, then a big dip. If the digit is wrong, we immediately get the huge dip from the beep. If the digit is right, we have a few (like one or two) cycles before the huge dip. IIRC that's consistent with all your data.
 

Offline f4eru

Re: EEVblog #771 - Electronic Safe Lock Powerline Attack Part 2
« Reply #10 on: July 24, 2015, 08:52:57 am »
3 possible ways to code that:
1) The SW compares each digit press on the fly (wrong implementation, security wise)
2) the SW stores the sequence in RAM, then, on the last digit pressed, compares the whole sequence to the cleartext password
3) the SW stores the sequence in RAM, then, on the last digit pressed, hashes it, then compares the whole sequence to the hash of the password. The hash should also include a salt that varies for each safe, and should not be stored in the eeprom.

The right way to implement is the no. 3.
This resists even if you could read out the data on the SPI EEPROM (which is perhaps feasible, but not with the 8-bit A/D of a scope).

The way no. 2 can be broken if the compare function is not constant time. But the measurement time base must be precise to a uC cycle.

The way no.1 is easy to break.

The peaks in the waveforms you show seem to be wake-up cycles, or periodic interrupts of the micro. Probably only one "interrupt" in every two can take key presses, so you see differences based on which of those two interrupts you hit with your button press. It could be more consistent if the button presses were simulated by HW always at the same time, to hit the same "interrupt".

The height of the negative peaks probably shows the execution time of the function.

Offline wreeve

Re: EEVblog #771 - Electronic Safe Lock Powerline Attack Part 2
« Reply #11 on: July 24, 2015, 11:13:54 am »
Why use the Rigol when you have Tek and Agilent on the shelf....are you on commission Dave?
 

Offline dr.diesel

Re: EEVblog #771 - Electronic Safe Lock Powerline Attack Part 2
« Reply #12 on: July 24, 2015, 11:23:11 am »
Quote
are you on commission Dave?

 |O   :palm:

Offline Wilksey

Re: EEVblog #771 - Electronic Safe Lock Powerline Attack Part 2
« Reply #13 on: July 24, 2015, 11:31:02 am »
I believe it's so "we" can follow along at home, not everybody has the budget for a Tek or Agilent / KeySight, but the Rigols are generously priced.
 

Offline wreeve

Re: EEVblog #771 - Electronic Safe Lock Powerline Attack Part 2
« Reply #14 on: July 24, 2015, 12:15:50 pm »
It was clearly frustrating him a few times, and that strange different trigger on "0". I would have loved to see one of the other scopes hooked up to see if spending more on the big brands is worth it from a usability point of view. I'm certainly not an equipment snob :-)
 

Offline EEVblogTopic starter

Re: EEVblog #771 - Electronic Safe Lock Powerline Attack Part 2
« Reply #15 on: July 24, 2015, 12:20:56 pm »
Quote
Why use the Rigol when you have Tek and Agilent on the shelf....are you on commission Dave?

No, I'm not on commission. Kinda obvious I thought when I slag off the dicky adjustment knob and slow horizontal control.
I used the Rigol because it was right there at the time. It also probably helps that it has a "low noise" 500uV front end the others don't. The Agilent is 2mV/div.
If I used the Tek or the Keysight, would you also say I'm on commission from them?

 

Offline wreeve

Re: EEVblog #771 - Electronic Safe Lock Powerline Attack Part 2
« Reply #16 on: July 24, 2015, 12:25:10 pm »
Quote
Why use the Rigol when you have Tek and Agilent on the shelf....are you on commission Dave?

No, I'm not on commission. Kinda obvious I thought when I slag off the dicky adjustment knob and slow horizontal control.
I used the Rigol because it was right there at the time. It also probably helps that it has a "low noise" 500uV front end the others don't. The Agilent is 2mV/div.
If I used the Tek or the Keysight, would you also say I'm on commission from them?

So the machine for the job. I hadn't realised they went down to 500uV per division. Sorry about the commission comment, I meant to be flippant!
« Last Edit: July 24, 2015, 12:28:10 pm by wreeve »
 

Offline Muttley Snickers

Re: EEVblog #771 - Electronic Safe Lock Powerline Attack Part 2
« Reply #17 on: July 24, 2015, 12:49:21 pm »
For better or worse and I'm nobody's puppet, most of my education came from this fine group with no strings attached. Check out 35:00 onwards, this documentary series forms part of my professional training.

https://youtu.be/7pZgo5gLIQ0?t=2125
« Last Edit: July 24, 2015, 03:27:53 pm by Muttley Snickers »
 

Offline apis

Re: EEVblog #771 - Electronic Safe Lock Powerline Attack Part 2
« Reply #18 on: July 24, 2015, 01:21:13 pm »
Quote
So if you are pretty organized and you are unlucky and the last guess is the right one, well about 45 minutes to one hour depending on the lock down time.

But that is "IF" the patterns between right/wrong sequence are more discernible than what it's shown in the video.
:-+ IF this works with a one-hour worst case, then I would say it's a major vulnerability. It might be faster to open this safe with power tools, but:
  • The other safes Dave mentioned in the first video don't look so easy.
  • There are advantages to being able to open one silently and without a trace.
  • You get the code which is a big advantage: then you can open/close the safe at will and the same or similar code might be used elsewhere.
 

Offline kubatyszko

Re: EEVblog #771 - Electronic Safe Lock Powerline Attack Part 2
« Reply #19 on: July 24, 2015, 02:23:42 pm »
How about a theory that the various (non-repeatable) waveforms might be caused by varying time between keypresses?
(What struck me with that idea is that you reach with your right hand to get the scope back into single-shot).

I'm simply thinking that if the micro inside has some decoupling then that definitely has limited capacity - if you wait long enough between keypresses it will deplete and reach into the battery for more juice.

To prove or disprove that you would probably need a jig that would press the keys for you and allow for varying the time (up to 10 seconds of course).
 

Offline coflynn

Re: EEVblog #771 - Electronic Safe Lock Powerline Attack Part 2
« Reply #20 on: July 24, 2015, 07:37:19 pm »
As a note: "0" is the programming mode ("000000"), see the manual posted online. They probably are all different, but for this model it is "0".... might explain the oddity.

Also the keypad has no smarts, it uses resistors to multiplex the data (i.e. based on voltages to determine key-press).
 

Offline Matje

Re: EEVblog #771 - Electronic Safe Lock Powerline Attack Part 2
« Reply #21 on: July 24, 2015, 08:03:10 pm »
Dave, did you think about using the Waveform Record feature (the segmented memory kind of thing) of the Rigol?

I think it would make for nice comparisons between the waveforms for the keys in a sequence. You could even go full in and use the Waveform Analysis feature to automatically find differences, but for only 5 or 6 frames that is probably overkill.

Might still make for a good real life demonstration of these features?
 

Online PA0PBZ

Re: EEVblog #771 - Electronic Safe Lock Powerline Attack Part 2
« Reply #22 on: July 24, 2015, 08:46:39 pm »
Quote
How about a theory that the various (non-repeatable) waveforms might be caused by varying time between keypresses?
(What struck me with that idea is that you reach with your right hand to get the scope back into single-shot).

This.
Keyboard error: Press F1 to continue.
 

Offline AF6LJ

Re: EEVblog #771 - Electronic Safe Lock Powerline Attack Part 2
« Reply #23 on: July 24, 2015, 09:35:51 pm »
Well, let's see...
Good supply decoupling, added with what is most likely not a new battery that could be presenting variations in internal resistance. I think power line attacks in this day and age are like chasing windmills.

You need to try and attack it from its emissions.
You might even be able to open this with something as simple as an AM radio tuned to a dead spot in the band to hear the logic noise emitted from the safe.
Van Eck Phreaking.
« Last Edit: July 24, 2015, 09:37:41 pm by AF6LJ »
Sue AF6LJ
 

Offline Badger

Re: EEVblog #771 - Electronic Safe Lock Powerline Attack Part 2
« Reply #24 on: July 24, 2015, 09:36:50 pm »
The current powerline attack approach presupposes the keyed digits are compared against the correct code as each digit is entered. I think it's more likely the entire 6-digit code is compared once the complete sequence has been entered.

I expect the safe software waits for a complete code of 6 digits before checking against the correct combination. This comparison is probably done character-wise from the start of the code, so there may be a timing attack there; the comparison takes longer when more digits on the left side are correct.

Example pseudo-code:

Code:
#include <stdbool.h>

const char correct[] = "123456"; /* stored combination */
const char entered[] = "314159"; /* digits typed on the keypad */

/* Function may be susceptible to a timing attack: it exits as soon as the
 * first incorrect digit is encountered, so execution time is linked to the
 * number of correct digits on the LHS. */
bool check_code(void) {
    int i;
    for (i = 0; i < 6; i++) {
        if (correct[i] != entered[i])
            return false;
    }
    return true;
}

If it's possible to measure a timing difference in the checking function (e.g. between last button press and uP sleep) it may be possible to tell how many of the leading digits entered are correct.
« Last Edit: July 24, 2015, 09:56:26 pm by Badger »
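The prefix-dependent compare Badger sketches (f4eru's "way no. 2" with a non-constant-time compare) next to a fixed-work compare, as an added example that is not code from the thread or from the lock; the stored code, guesses and the `digits_touched` counter are constructed for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define CODE_LEN 6

/* Verdict plus the number of digits the loop examined, which is the quantity
 * a timing or power-trace measurement of the compare would reveal. */
typedef struct { bool match; size_t digits_touched; } verdict_t;

/* Early-exit compare, the shape of the pseudo-code above: it returns at the
 * first mismatch, so on a reject digits_touched = correct prefix length + 1. */
verdict_t compare_early_exit(const char *correct, const char *entered)
{
    verdict_t v = { false, 0 };
    for (size_t i = 0; i < CODE_LEN; i++) {
        v.digits_touched = i + 1;
        if (correct[i] != entered[i])
            return v;
    }
    v.match = true;
    return v;
}

/* Fixed-work compare: every digit is always examined and the XOR of each
 * pair is OR-accumulated, so the loop does identical work whether the
 * mismatch is at the first digit, the last digit, or nowhere. */
verdict_t compare_fixed_work(const char *correct, const char *entered)
{
    uint8_t diff = 0;
    for (size_t i = 0; i < CODE_LEN; i++)
        diff |= (uint8_t)(correct[i] ^ entered[i]);
    verdict_t v = { diff == 0, CODE_LEN };
    return v;
}

int main(void)
{
    /* Constructed sample: stored code "123456" against three guesses. */
    const char *guesses[] = { "314159", "123999", "123456" };
    for (int g = 0; g < 3; g++) {
        verdict_t a = compare_early_exit("123456", guesses[g]);
        verdict_t b = compare_fixed_work("123456", guesses[g]);
        printf("%s: early-exit %s after %zu digits, fixed-work %s after %zu\n",
               guesses[g], a.match ? "match" : "reject", a.digits_touched,
               b.match ? "match" : "reject", b.digits_touched);
    }
    return 0;
}
```

The fixed-work version only removes the prefix-dependent loop length; it does nothing about a per-digit beep or sleep that fires differently for right and wrong digits, which is the separate leak Hoodaly describes earlier in the thread.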
 

