Hackers of India

Achilles Heel In Secure Boot: Breaking RSA Authentication And Bitstream Recovery From Zynq-7000 SoC

By  Arpan Jati  on 11 Mar 2024 @ Nullcon


Presentation Material

Abstract

Secure boot forms the backbone of trusted computing by ensuring that only authenticated software is executed on the designated platform. However, implementation of secure boot can have flaws leading to critical exploits. In this presentation, we highlight a critical vulnerability in open source First Stage Boot Loader (FSBL) of AMD-Xilinx’s flagship and award winning Zynq-7000 System on Chip (SoC) solution for embedded devices. The discovered vulnerability acts as a ‘single point of failure’ allowing complete bypass of the underlying bypass RSA authentication during secure boot. As a result, a malicious actor can take complete control of the device and run unauthenticated/malicious applications. We demonstrate an exploit using the discovered vulnerability in form of first practical ‘Starbleed’ attacks on Zynq-7000 devices to recover the decrypted bitstream from an encrypted (using AES-256) boot image.

The identified flaw has existed in the secure-boot software for more than 9 years. The vulnerability was responsibly disclosed to the vendor under CVE 2022/23822. The vendor thereafter patched the FSBL software, and issued a design advisory. Finally, we motivate the need towards more rigorous security evaluation tools to test for such trivial security vulnerabilities in software.