[Cryptech Tech] Status tamper detection and MKM erasure

[Linus Nordberg]

Warren Kumari <warren at kumari.net> wrote
Fri, 10 Jun 2016 12:45:35 -0400:

>> It'd great if the FPGA could verify that the MKM is indeed full of
>> zeroes after the button has been pressed. Joachim?
>
> I hope I'm not re-litigating something which has already been settled,
> but *should* the MKM really be full of zeros after the button has been
> pressed?
>
> There continues to be progress in the "cold boot" attacks -- e.g:
> https://nullcon.net/website/archives/ppt/goa-15/cold-boot-attack-on-ddr2-and-ddr3-ram.pdfand "Lest we forget: Cold-boot attacks on scrambled DDR3 memory" -
> https://www.dfrws.org/2016eu/proceedings/DFRWS-EU-2016-7.pdfShould the tamper overwrite MKM with all zeros then all ones N times,
> and then spend some time overwriting with random data (M times)? Or
> are we sure that the MKM has no remanence effects?
>
> If this has already been discussed and dismissed (I kind of remember
> some discussion) I'm find to be told so...

Good point. This is one of several requirements which haven't been
stated AFAIK.

How quickly should we erase the memory? To be put up against how much
power we can consume while waiting for the event. As well as
implementation effort and complexity.

The current implementation is more of a proof of concept than ready to
use for important keys, something I probably should've stated. Happy for
input on requirements!