<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class=""><br class=""><div><br class=""><blockquote type="cite" class=""><div class="">On 10 May 2018, at 15:32, Pavel Shatov <<a href="mailto:meisterpaul1@yandex.ru" class="">meisterpaul1@yandex.ru</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div class="">08.05.2018 15:39, Joachim Strömbergson wrote:<br class=""><br class=""><blockquote type="cite" class="">Pavel Shatov wrote:<br class=""><blockquote type="cite" class="">Speaking of asynchronous signals, I think the original idea was to have several tamper detection inputs in the tiny MKM FPGA. Suppose that they are active-low, this way as soon as a tamper event from<br class="">a certain sensor is detected, the corresponding input goes low.<br class="">Tamper detection inputs can be AND'ed together and routed to the<br class="">reset signals of the flops where the master key is stored. This way<br class="">the master key can be wiped asynchronously and even if the clock<br class="">signal is stopped for whatever reason.<br class=""></blockquote>As long as we can guarantee (as in really guarantee) that we never<br class="">get a drop on the input by mistake (glitches, drops etc.) then sure. Your, Stuges and Fredriks knowledge on supply, board design, signal integrity will be needed here.<br class=""></blockquote><br class="">I kind of understand Peter's concerns about register's reset input being<br class="">over sensitive and that potentially it can react to a glitch, but, well,<br class="">tamper detection input is supposed to be sensitive, isn't it? I believe<br class="">that with careful board design we can avoid any glitches. I may be<br class="">wrong, but what I understood from Jacob's talk during the f2f was that<br class="">reaction time is very important. 
In that sense not having any<br class="">synchronous elements between tamper inputs and flip-flop reset inputs is<br class="">more attractive, because if we want to sample input pins, we need at<br class="">least a 2-stage synchronizer to not run into metastability, so the<br class="">reaction time will be 3 clock cycles at least.<br class=""></div></div></blockquote>3 clock cycles - how many microseconds? ;)</div><div><br class=""></div><div>I wonder about the possibility of accessing the master key storage chip and extracting keys from it in ___ (please fill in the number ;) ) microseconds after, for instance, opening the surrounding case.</div><div><br class=""></div><div>The possibility of accidentally wiping the keys without a _real_ reason seems more harmful to me.</div><div><br class=""></div><div>dol@</div><div><br class=""></div><div><br class=""><blockquote type="cite" class=""><div class=""><div class=""><br class=""><br class="">-- <br class="">With best regards,<br class="">Pavel Shatov<br class="">_______________________________________________<br class="">Tech mailing list<br class=""><a href="mailto:Tech@cryptech.is" class="">Tech@cryptech.is</a><br class="">https://lists.cryptech.is/listinfo/tech<br class=""></div></div></blockquote></div><br class=""></body></html>