[Cryptech Tech] arm

Fredrik Thulin fredrik at thulin.net
Mon Jan 12 08:59:16 UTC 2015


On Monday, January 12, 2015 12:01:30 PM Peter Gutmann wrote:
...
> Even just the basic USB interface (from
> https://wiki.cryptech.is/wiki/Hardware) is going to be problematic, look at
> e.g. Travis Goodspeed's work on attacking USB devices, Karsten Nohl et al's
> BadUSB stuff, and various disclosures about attacks at both the USB driver
> and the USB protocol level. 

You are right, and thank you for bringing this up on the list.

The conversation in Stockholm as I interpreted it sort of pointed towards 
possibly moving the external interface (USB / Ethernet / other) to a separate 
processor outside the tamper boundary but inside a fictional HSM "box" in the 
future.

Then, there would be something like this:

  FPGA  <---> ARM <-- simple I/O --> ARM <-- USB / Ethernet / ... --> host

One of the ARMs would be inside the tamper boundary, and the other one outside 
of it. I guess both of them would be inside what I think is generally called 
the "trusted computing environment" though.

Not that this solves the issues with insecure USB implementations, but it at 
least adds another layer of hardening and hopefully helps keep the 
cryptographic secrets safe even in the case of successful exploitation of the 
ARM with the USB interface.

The pragmatic need to start somewhere was to have USB directly to the ARM to 
the left for the Alpha board though.

/Fredrik
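The hardening layer described above depends on the inner ARM treating everything that arrives over the "simple I/O" link as untrusted input from a possibly compromised outer ARM. The following is an added example, not code from the original message or the Cryptech project; the frame layout, command set, checksum and sample frames are all constructed here for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical frame layout for the "simple I/O" link, constructed for this example:
 *   [0] magic 0xC7 | [1] command | [2] payload length | payload | XOR checksum over all prior bytes */
#define LINK_MAGIC       0xC7
#define LINK_HDR_LEN     3
#define LINK_MAX_PAYLOAD 32

enum link_cmd { CMD_PING = 0x01, CMD_SIGN = 0x02, CMD_GET_PUBKEY = 0x03 };
struct link_frame { uint8_t cmd; uint8_t len; uint8_t payload[LINK_MAX_PAYLOAD]; };

/* Parses one frame received from the outer ARM. Returns 0 and fills *out on success,
 * a negative code on rejection. Every field is checked before any copy, and the length
 * byte inside the frame is never trusted to decide how much of buf to read. */
int link_parse_frame(const uint8_t *buf, size_t buf_len, struct link_frame *out)
{
    if (buf == NULL || out == NULL || buf_len < LINK_HDR_LEN + 1) return -1;  /* too short */
    if (buf[0] != LINK_MAGIC) return -2;                                        /* bad magic */
    uint8_t cmd = buf[1], len = buf[2];
    if (cmd != CMD_PING && cmd != CMD_SIGN && cmd != CMD_GET_PUBKEY) return -3; /* unknown command */
    if (len > LINK_MAX_PAYLOAD) return -4;                                      /* oversized payload */
    if (buf_len != (size_t)LINK_HDR_LEN + len + 1) return -5;                   /* length mismatch */
    uint8_t sum = 0;
    for (size_t i = 0; i + 1 < buf_len; i++) sum ^= buf[i];
    if (sum != buf[buf_len - 1]) return -6;                                     /* bad checksum */
    memset(out, 0, sizeof *out);
    out->cmd = cmd;
    out->len = len;
    memcpy(out->payload, buf + LINK_HDR_LEN, len);
    return 0;
}

/* Convenience wrapper returning only the accept/reject code. */
int link_accepts(const uint8_t *buf, size_t buf_len)
{
    struct link_frame f;
    return link_parse_frame(buf, buf_len, &f);
}

/* Constructed sample frames: one valid PING and three malformed ones the inner ARM must reject. */
static const uint8_t SAMPLE_GOOD_PING[]   = { 0xC7, 0x01, 0x00, 0xC6 };  /* 0xC7^0x01^0x00 = 0xC6 */
static const uint8_t SAMPLE_HUGE_LEN[]    = { 0xC7, 0x02, 0xFF, 0x3A };  /* claims a 255-byte payload */
static const uint8_t SAMPLE_UNKNOWN_CMD[] = { 0xC7, 0x7F, 0x00, 0xB8 };  /* command not in the set */
static const uint8_t SAMPLE_BAD_SUM[]     = { 0xC7, 0x01, 0x00, 0x00 };  /* checksum does not match */
```

The point of the exact-length and whitelist checks is that a compromised outer ARM gains nothing from oversized lengths, trailing bytes or undefined commands: the frame is dropped before any payload byte reaches the key-handling code.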
