Changes

Jump to navigation Jump to search
842 bytes added ,  01:06, 10 April 2018
this isn't that hard, gdi
Line 33: Line 33:  
| January 20, 2018
 
| January 20, 2018
 
| [[User:SciresM|SciresM]] and [[User:motezazer|motezazer]]
 
| [[User:SciresM|SciresM]] and [[User:motezazer|motezazer]]
 +
|-
 +
| Security Engine keyslots vulnerable to partial overwrite attack
 +
| The Tegra X1 security engine supports writing keyslot data to the engine with syntax as follows: SECURITY_ENGINE->AES_KEYTABLE_ADDR = (keyslot << 24) | (dword_index_in_keyslot); SECURITY_ENGINE->AES_KEYTABLE_DATA = readle32(key, dword_index_in_keyslot * 4);
 +
 +
However, the Security Engine flushes writes to the internal key tables immediately when AES_KEYTABLE_DATA is written -- this allows one to overwrite a single dword of a key at a time, and thus brute force the contents of keyslots in time (2^32 * 8) = 2^35 instead of 2^256.
 +
| Disclosure of contents of "write-only" security engine AES keyslots.
 +
| HAC-001
 +
| Theorized Summer 2017 due to suggestive syntax, confirmed April 9, 2018
 +
| April 9, 2018
 +
| [[User:SciresM|SciresM]], almost surely others (independently).
 
|}
 
|}
  

Navigation menu