[Cryptech Tech] arm

Peter Gutmann pgut001 at cs.auckland.ac.nz
Sat Jan 24 00:56:23 UTC 2015


Warren Kumari <warren at kumari.net> writes:

>That sounds like a fun plan -- I'll try see if I can get my hands on
>something like that...

One problem with targeting the Lynks specifically is that it's a currently-
sold product so you can't get it on the secondary market, you need to pay full
market price.  Also you'd need several of them, at least one to physically
destroy to find out what sort of SoC you're targetting, and then several that
you'll brick in the process :-).  I'll make some enquiries [0] to see if I can
get my hands on some spares, I need the ones I have for testing.

>Unfortunately many people physically destroy their HSMs after decommissioning
>them - yes, zeroing the keys *should* be enough, but the added protection /
>theater seems to be worth it to most. 

Enough people don't that you can amass quite a collection of crypto gear. Hmm,
you're somewhere in the US aren't you?  That's going to make freight a bit
difficult, particularly for the larger stuff (e.g. a 5U Visa payment gateway,
which is also an HSM, just a rather big heavy one).  The Lynks would make the
easiest targets because (a) it's current stuff and the vendor can't claim that
they've fixed it in a newer device and (b) they're easy to ship around.

Peter.

[0] As a subject of HM the Queen I make enquiries, not inquiries.


More information about the Tech mailing list