The cost of a NAND chip off attack is 170.87€

submited by
Style Pass
2024-11-13 20:30:02

Hardware attacks are becoming cheaper with every passing day for two reasons: first, the cost of the tools is going down and second because there is more documentation available.

Having a vague undestanding of the overall cost metrics of an attack (knowledge, money and time) is a necessary input to perform risk analysis. One might initially assume that a NAND chip-off attack is going to require an expert engineer, a few days of work and an impressive electronics lab and therefore mis-classify vulnerabilities as beyond a certain scope (page 426 of the Common Criteria Attack Potential).

So how much expertise, time and money do you really need to perform a chip-off attack on a BGA NAND nowadays? Well I tried it and the expertise required is not impressive, the time was literally 30 minutes and the total cost was 170.87 euros with quite a lot of room for optimization.

Apply a liberal amount of flux to the targeted zone. I’ve started heating the surroundings at 280°C for about a minute, then cranked up the heat to 350°C. The exact numbers don’t mean much because your hot air station will differ, you’ll use another nozzle size and the distance from which you’ll blow the air will be different also. But start on the low end to distribute the heat to all nearby components and then increase the temperature until the solder melts and becomes shiny, which might take 2-3 more minutes. Re-add some flux periodically when it’s been vaporized or blown away. This process can be sped up significantly by using a heating plate to pre-heat the board.

Leave a Comment