[Cryptech Tech] RTC on Alpha

[Warren Kumari]

On Tue, Feb 2, 2016 at 1:56 AM Basil Dolmatov <dol at reedcat.net> wrote:

>
>
> dol@ с iPad
>
> 1 февр. 2016 г., в 21:24, Warren Kumari <warren at kumari.net> написал(а):
>
>
>
> On Mon, Feb 1, 2016 at 1:07 PM Fredrik Thulin <fredrik at thulin.net> wrote:
>
>> Hi
>>
>>
>>
>> The suggestion has been made to remove the external RTC chip currently on
>> the Alpha schematics, and instead just rely on the RTC inside the ARM.
>>
>>
>>
>> The end of the discussion last time was Basil asking which chip was more
>> likely to be possible to tamper with. I think the answer is "they are both
>> pretty easy to tamper with if you have code execution privileges in the
>> ARM".
>>
>
> Probably a stupid idea, but what about using *both*? If the time between
> the 2 RTCs is >N, assume some shenanigans?
>
> What for?
> What is threat model and adversary model?
> We can evaluate the necessity of any countermeasures only against
> well-defined threat model.
>

Basil was asking (earlier) which was easier to tamper with -- if an
attacker is only able to tamper with one of the clocks, then we would be
able to detect that they have tried to roll the time forward / back.

It depends on *how* we think an attacker may try and shift time -- if they
do it because they have code execution on the ARM, well, then:
A: presumably they can easily tamper with both and
B: we have much larger issues.

If, on the other hand we think that they may tamper with it some other way
(e.g resonance coupling, intercepting the signals (from an external RTC
(assuming it isn't in the envelope)), heating / cooling the device to a
point just before tripping tamper sensors, etc) then having two distinct
sources of clock could be useful -- time is important in an HSM, being able
to mint / sign things in the past / future could be an a useful capability
for an attacker.


We also haven't really discussed (or, I missed it) how we keep the time
correct on the device -- I'm assuming something like a built in clock
disciplined by  [NTP|GPS|PPS]?

W




>
> Based on how quickly RTCs seems to drift, this may end up with lots of
> false positives though....
>
> W
>
>
>
>>
>>
>> OK to remove external chip? The internal RTC is likely easier to
>> interface with, so it saves us engineering time.
>>
>>
>>
>> /Fredrik
>>
>>
>> _______________________________________________
>> Tech mailing list
>> Tech at cryptech.is
>> https://lists.cryptech.is/listinfo/tech
>>
> _______________________________________________
> Tech mailing list
> Tech at cryptech.is
> https://lists.cryptech.is/listinfo/tech
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.cryptech.is/archives/tech/attachments/20160203/8cf5a851/attachment.html>