[Cryptech Tech] Fwd: Re: Cryptech HSM enquiry

Fredrik Thulin fredrik at thulin.net
Thu Jul 21 13:38:04 UTC 2016


On tisdag 19 juli 2016 kl. 18:53:13 CEST Thotheolh Tay wrote:
> Hi,
> 
> I would like to congratulate the CrypTech team on having an Alpha board
> released after around 2 years of development (since 2014).

Thank you!

> I find the CrypTech webpage terse on information so I have to ask questions
> via email.

Sorry about that - we know we have done much more coding than documentation. 
How to get documentation written without hampering the engineering effort was 
discussed some in Berlin... with no real answer yet.

> In the previous email, I was told the KMK key would be stored in a tamper
> detecting and battery backed RAM.
> 
> Here are my questions:
> 
> 1.) Is the tamper detection provided by software inputs or what sort of
> inputs are needed to trigger the tamper reaction? Would attempts to tap or
> tamper the chips directly cause the KMK to be wiped like other secure chips?
> Does it use some sort of tamper detecting sensor (i.e. metal shields and
> meshes, power glitch sensing algorithms) and where is this particular
> battery backed RAM stored in (inside the ARM chip or FPGA chip)?
> 
> 2.) Are there software protection against timing and power analysis or
> other side-channel protection mechanism (i.e. dynamic whitebox crypto)?
> 
> 3.) Are there software protection against attempts to listen to CPU
> processes via EM emissions (i.e. dynamic generation of false instructions
> and routines)?
> 
> 4.) Are there considerations to tamper protect (physically and logically
> protect) the ARM and FPGA chips against attempts to tamper the HSM in order
> to extract processing details (i.e. loaded and unwrapped keys inside the
> FPGA)?

We're getting to designing the actual tamper subsystem just about now. I think 
your questions can be good input to that process, but as the questions are 
phrased ("are there") the answer at this time has to be "no" or "not yet".

The only thing we have today is a volatile memory and a small microcontroller 
that will erase the memory when a small button on the PCB (labeled PANIC) is 
pressed.
 
> 5.) Traditional HSMs (i.e. Thales nCipher HSM) uses M/N quorums to create
> an administrator key to unwrap the master key with the M/N quorum shares
> stored inside smart cards. Are there going to be similar approaches to use
> a M/N quorum share to create an administrative shared key to protect the
> KMK key for additional security?

Some people around here are very interested in M/N.
 
> 6.) How do I know I have booted the correct software and firmware without
> any tampering ?

Is "because you built it from source yourself" a possible answer to that 
question, or do you mean something else like "how do I know the software in 
the device wasn't replaced since the time I installed it"?

/Fredrik
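The M/N quorum scheme asked about in question 5, as an added example for this thread (it is not Cryptech code and does not describe how the Cryptech HSM does or will do it): Shamir secret sharing over GF(2^8) splits an administrative key into N shares, one per smart card, any M of which reconstruct it, and a key check value lets the device reject a short or mixed quorum instead of unwrapping the KMK with garbage. The choice of field, the check-value label, the 3-of-5 parameters and the random key are assumptions made for illustration.

```python
"""Shamir M-of-N secret sharing over GF(2^8) with a key check value.

Added example, not Cryptech code. Models the Thales-style flow from the
thread: an administrative key is split into N shares (one per card),
any M reconstruct it, and M-1 reveal nothing about it. Field arithmetic
uses the AES reduction polynomial x^8 + x^4 + x^3 + x + 1 (0x11b); this
and every value below are assumptions for illustration.
"""
import hashlib
import hmac
import secrets
from typing import Dict, List, Optional, Tuple

_POLY = 0x11B

Share = Tuple[int, bytes]


def _gf_mul(a: int, b: int) -> int:
    """Multiply in GF(2^8) by shift-and-reduce."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= _POLY
        b >>= 1
    return r


def _gf_inv(a: int) -> int:
    """Inverse via a^254 = a^-1 (the multiplicative group has order 255)."""
    if a == 0:
        raise ZeroDivisionError("0 has no inverse in GF(2^8)")
    result, base, e = 1, a, 254
    while e:
        if e & 1:
            result = _gf_mul(result, base)
        base = _gf_mul(base, base)
        e >>= 1
    return result


def split(secret: bytes, m: int, n: int) -> List[Share]:
    """Split `secret` into n shares of which any m reconstruct it.

    Each byte is the constant term of a fresh random degree-(m-1)
    polynomial evaluated at x = 1..n; share i is (x_i, y bytes).
    """
    if not 1 < m <= n < 256:
        raise ValueError("need 1 < m <= n < 256")
    shares = [bytearray() for _ in range(n)]
    for s in secret:
        # a_0 is the secret byte, a_1..a_{m-1} are uniform random
        coeffs = [s] + list(secrets.token_bytes(m - 1))
        for x in range(1, n + 1):
            y = 0
            for c in reversed(coeffs):  # Horner evaluation of f(x)
                y = _gf_mul(y, x) ^ c
            shares[x - 1].append(y)
    return [(x, bytes(shares[x - 1])) for x in range(1, n + 1)]


def combine(shares: List[Share]) -> bytes:
    """Lagrange-interpolate f(0) byte-wise from the presented shares.

    With fewer than m shares this silently returns a value unrelated to
    the secret, which is why the caller must verify the result.
    """
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share index")
    coeffs = []  # Lagrange basis at x=0 depends only on the x_i
    for i, xi in enumerate(xs):
        num = den = 1
        for j, xj in enumerate(xs):
            if i != j:
                num = _gf_mul(num, xj)       # (0 - x_j) == x_j in char 2
                den = _gf_mul(den, xi ^ xj)  # (x_i - x_j) == x_i ^ x_j
        coeffs.append(_gf_mul(num, _gf_inv(den)))
    out = bytearray(len(shares[0][1]))
    for k in range(len(out)):
        acc = 0
        for (_, y), c in zip(shares, coeffs):
            acc ^= _gf_mul(y[k], c)
        out[k] = acc
    return bytes(out)


def key_check_value(admin_key: bytes) -> bytes:
    """Verifier stored next to the wrapped KMK (label is an assumption)."""
    return hmac.new(admin_key, b"admin-key-check-example", hashlib.sha256).digest()


def reconstruct_admin_key(shares: List[Share], kcv: bytes) -> Optional[bytes]:
    """Return the admin key only if the shares form a valid quorum."""
    candidate = combine(shares)
    if hmac.compare_digest(key_check_value(candidate), kcv):
        return candidate
    return None


def demo() -> Dict[str, bool]:
    """3-of-5 split of a random 32-byte admin key (constructed values)."""
    admin_key = secrets.token_bytes(32)
    kcv = key_check_value(admin_key)
    cards = split(admin_key, m=3, n=5)
    return {
        "full_quorum": reconstruct_admin_key(cards[:3], kcv) == admin_key,
        "other_quorum": reconstruct_admin_key([cards[0], cards[2], cards[4]], kcv) == admin_key,
        "short_quorum": reconstruct_admin_key(cards[:2], kcv) is None,
    }


if __name__ == "__main__":
    print(demo())
```

Two shares of a 3-of-5 split interpolate to a0 ^ a2*x1*x2 per byte rather than a0, so `combine` alone cannot tell a short quorum from a full one; the stored check value is what turns "wrong answer" into "refused", and it should be checked before the candidate key touches the wrapped KMK.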


