Brightsight Security Lab in a Box (BSLB)
What set-ups and equipment are included in BSLB?
Brightsight EMFI setup
The EMFI setup injects glitches by emitting an electromagnetic pulse. To generate these pulses, an in-house developed coil is used in combination with an EMFI pulse generator. This coil is placed very close to the target of evaluation (TOE). The brief presence of a strong electric field induces a current that may affect the behaviour of the TOE.
Brightsight BBI setup
The BBI setup is similar to the EMFI setup. The main difference is the way energy is injected into the chip. Where EMFI uses a coil close to the surface (metal side) of the chip, BBI uses a needle placed onto the substrate (silicon side) of the chip to inject energy locally into the product. As with EMFI, this may affect the behaviour of the TOE.
Brightsight VG setups: Low Power Voltage Glitch (LPVG) and High Power Voltage Glitch (HPVG)
The VG setup injects faults through the voltage supply line of the product. To inject these faults, a glitch is introduced to generate a power spike. These spikes can cause a processor to skip or misinterpret an instruction, but also induce memory faults.
Brightsight Side-Channel Analysis setup
With the SCA setup, you can take measurements in order to perform attacks on ICs, smart cards and terminals. You can measure the power consumption and/or the EM emanation of your samples. These side channels reveal information about the processes running on the devices. Statistical analysis of the measurements obtained may reveal secret information from these side channels, such as PIN values or encryption keys.
Brightsight Side-Channel Deep Learning Extension
The Deep Learning Extension is configured to perform computationally intensive analysis of data obtained from the Side-Channel Analysis Measurement setup. Such analysis includes deep learning, template attacks, statistical analysis, and any other tasks that benefit from running on a high-performance PC.
Brightsight Laser setups: Long Pulse Laser (LPL) and Short Pulse Laser (SPL)
BSLB comes with two laser setups. There is a substantial difference between the laser sources in these two setups, which means they affect the sample in different ways. The SPL is a powerful laser that emits very short pulses. By carefully controlling the power, you can influence the behaviour of the TOE. The LPL is less powerful than the SPL, but it generates longer pulses, which affect silicon in a different way. When attacking a chip with an LPL or SPL, you can target either the metal side or the silicon side of the chip.
- Brightsight Matrix: the measurement and analysis framework. This provides support to control the various measurement setups used at Brightsight as well as a range of tools for data analysis.
- Brightsight Sideways: the main signal analysis tool. This is used to prepare and analyse sets of measured power and EM traces.
