Forensic security of an Arduino (SRAM)

Know of someone that works in computer forensics and/or data recovery? This question is for them (Arduino experience is a plus).

So I get the idea of uploading a "stop" sketch for the purpose of overriding a previously uploaded program in Flash memory space.

Then of course we have EEPROM for "long-term" storage.

However, let's say an Arduino:

  • Read user input as secret key and store in memory (SRAM)
  • Performed a signing operation with secret key
  • Subsequently powered off

We know that computers introduce a wide range of complications to security because data can still be recovered, even after being erased or overwritten in some cases, variables stored in memory float around (unless pinned for decryption in SecureString contexts, etc.), etc.

To establish context for the following questions, let's [overly] simplify the attack vector in saying this would be a scenario where an Arduino used in a security application is physically disconnected, stolen, and then powered on sometime later.

Question 1: Obviously we're not talking about storing keys on disk necessarily (i.e. EEPROM). How likely (or difficult) would it be to analyze SRAM with the intent to recover keys that may have been previously stored in memory?

Question 2: Similarly, let's say sensitive information was in fact stored in EEPROM. Does the same hold true of data previously stored in EEPROM that has since been overwritten with new (i.e. zero) data?

Thanks!

rdev5: Know of someone that works in computer forensics and/or data recovery? This question is for them (Arduino experience is a plus).

So I get the idea of uploading a "stop" sketch for the purpose of overriding a previously uploaded program in Flash memory space.

Then of course we have EEPROM for "long-term" storage.

However, let's say an Arduino:

  • Read user input as secret key and store in memory (SRAM)
  • Performed a signing operation with secret key

One does not sign with a secret key. One signs with a private key and checks a signature with the corresponding public key.

  • Subsequently powered off

We know that computers introduce a wide range of complications to security because data can still be recovered, even after being erased or overwritten in some cases, variables stored in memory float around (unless pinned for decryption in SecureString contexts, etc.), etc.

To establish context for the following questions, let's [overly] simplify the attack vector in saying this would be a scenario where an Arduino used in a security application is physically disconnected, stolen, and then powered on sometime later.

Question 1: Obviously we're not talking about storing keys on disk necessarily (i.e. EEPROM). How likely (or difficult) would it be to analyze SRAM with the intent to recover keys that may have been previously stored in memory?

One should never store cryptography keys (private or secret) in the clear; they should only ever be stored encrypted with the encryption key stored only in a persons memory. This is the way that many/most HSMs (Hardware Security Modules) work. Obviously, at some point a key will have to be stored in the clear in RAM so that it can be used in a cryptographic process and then it is vulnerable to attack. There has been extensive research on recovering keys from RAM after the power has been turned off. It can be done but not reliably. Google should find a load of references.

Question 2: Similarly, let's say sensitive information was in fact stored in EEPROM. Does the same hold true of data previously stored in EEPROM that has since been overwritten with new (i.e. zero) data?

One should never store sensitive information in EEPROM without first encrypting it.

stowite: One does not sign with a secret key. One signs with a private key and checks a signature with the corresponding public key. One should never store cryptography keys (private or secret) in the clear; they should only ever be stored encrypted with the encryption key stored only in a persons memory. This is the way that many/most HSMs (Hardware Security Modules) work. Obviously, at some point a key will have to be stored in the clear in RAM so that it can be used in a cryptographic process and then it is vulnerable to attack. There has been extensive research on recovering keys from RAM after the power has been turned off. It can be done but not reliably. Google should find a load of references.One should never store sensitive information in EEPROM without first encrypting it.

One does not sign with a secret key, one signs with a private key? Just exactly what is the difference between a secret key and a private key?

Sorry, but none of this is very helpful nor answers either of the questions.

rdev5: One does not sign with a secret key, one signs with a private key? Just exactly what is the difference between a secret key and a private key?

Secret keys are for use with symmetric encryption algorithms such as AES and DES. Private keys (and their associated public keys) are used with asymetric public key algorithms such RSA and DSA.

Sorry, but none of this is very helpful nor answers either of the questions.

Then I must have misunderstood what you were asking; I thought you were asking about the dangers of storing secret information in EEPROM. My response was - don't store anything meant to be kept secret in EEPROM unless it is first encrypted.

Sorry I could not help. Bye.

Back to your initial two questions, neither would be possible without very carefully decapping the AVR package and probing the silicon on the chip. Not impossible but requires some pretty serious machinery to pull it off.