Crowdfunded STM32 LEIA Board Looks to Be a One-Stop Platform for Smart Card Security Analysis
Designed for everything from power analysis and glitching to full-functional card reading, LEIA offers solo and ChipWhisperer operation.
French non-profit open hardware foundation H2LAB has launched a crowdfunding campaign designed to bring those investigating smart card security a new tool: LEIA, an STM32-based platform for side-channel analysis (SCA).
"LEIA is an open hardware and open source device targeting smart card side-channel analysis (SCA) and evaluation, for educational and evaluation purpose," explains H2LAB's Mathieu Renard. "It implements a fully controlled ISO7816 stack with a dedicated custom hardware platform to acquire clean measurements for SCA characterization."
"The LEIA board is made of two main parts: a STM32 MCU that contains the firmware handling the ISO7816-3 stack, and the ISO7816-3 connector that communicates with the target smart card (i.e. handling the physical connection) and is isolated with optocouplers for clean measurements. Having a fully controlled ISO7816 stack allows to position precise triggers at dedicated events (sending an APDU, receiving the response, etc.), which helps to get synchronized traces of smart card consumption activity (and then analyze and extract secrets using classical SCA techniques). Low-level access to the ISO7816-3 protocol also allows to explore interesting paths such as smart cards conformity checks and so on."
The LEIA platform offers a range of smart card communication functions including a hardware-based ISO7816 with T=0 and T=1 support, a secondary bit-banged ISO7816 offering complete control over the entire communication processor, timing measurements, PTS negotiation with flexible ETU selection, and ISO7816 clock tuning — and the entire stack is open source.
The board also includes four trigger strategies across ten possible events, with a configurable delay and complete state recovery — plus a "solo" stand-alone mode with a dedicated trigger pin. Those used to using ChipWhisperer will be pleased to hear LEIA includes ChipWhisperer triggering through the standard 20-pin interface. LEIA is designed to act as everything from a classic smart card reader to a powerful security analysis tool with USB-powered and direct-powered analysis and glitching functionality.
The board is available via the project's Kickstarter campaign at €350 for early bird backers and €420 after with December delivery. The source code, meanwhile, can be found on the H2LAB GitHub repository.
