Zigbee AES Key Sniffing

zigbeesniffing

[Travis Goodspeed] posted a preview of what he’s working on for this Summer’s conferences. Last weekend he gave a quick demo of sniffing AES128 keys on Zigbee hardware at SOURCE Boston. The CC2420 radio module is used in many Zigbee/802.15.4 sensor networks and the keys have to be transferred over an SPI bus to the module. [Travis] used two syringe probes to monitor the clock line and the data on a TelosB mote, which uses the CC2420. Now that he has the capture, he’s planning on creating a script to automate finding the key.

Arduino PhotoLab


Droplet photography (link translated from French) often produces simple and beautiful images, but timing the exposure can be tricky. Snapping the photo too early or too late can cause you to miss the action, which only lasts a fraction of a second. EquinoxeFR (the people behind the Asus WL500GP audio hack) came up with a solution to this problem using a circuit with an ATmega168 running an Arduino environment. The circuit controls a syringe that contains a liquid and is triggered remotely to release a drop into a darkened chamber. A camera with the shutter open is attached to the chamber, and before the droplet hits, it crosses an IR sensor that triggers the flash to go off a few milliseconds later, capturing the unique crown shape of the impact. No schematic is available as yet, but comments at the bottom of the post suggest one will be coming soon.

Syringe Logic Probe, Revision 2

[Travis Goodspeed] has updated his syringe based logic probe that we covered earlier. Instead of soldering to the outside, he’s using silver wire shoved into the core of the needle. A nice side benefit is the safety cap now fits. Inside the syringe are two LEDs that indicate current direction. The sharp needle makes it a lot easier to hit small traces.