[Cryptech Tech] Fwd: Status tamper detection and MKM erasure (low dose gamma ray)
joachim at secworks.se
Wed Jun 29 14:14:26 UTC 2016
-----BEGIN PGP SIGNED MESSAGE-----
Richard Lamb wrote:
> Pardon me if this has already been discussed but in my own
> commercial HSM development efforts I have ran across a relatively
> simple but effective protection against attempts to discern memory
> states using low dose gamma rays such as those from a lab Co-60
> source. Simply inverting the bits of the MKM every tenth of a second
> or so may be effective. Even with X,gamma, etc detectors built into
> my HSM, distinction between high dose and low dose is a difficult
> task given unknown deployment environments. Hence this suggestion.
> Again, I apologize if this has been discussed already.
Very interesting, thank you for sharing this info with us.
We have discussed methods for mitigating different remanence and leakage
problems with the MKM. But we have not gone into much specifics as of
yet. Moving info around, rotating bits and bit flipping are things we
have talked about as possible methods. Your input shows that there are
issues but also ways of mitigating them.
the mkmif block in the FPGA could in a future version (post Berlin) get
this functionality. The AVR tamper CPU could also be responsible for
this functionality. Right now we don't do anything in neither regarding
Med vänlig hälsning, Yours
Joachim Strömbergson - Alltid i harmonisk svängning.
Joachim Strömbergson Secworks AB joachim at secworks.se
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----
More information about the Tech