At 09:30 PM 2/11/2004, Peter Gutmann wrote:
The JTAG interface is your (that is, the reverse engineer's) friend. This is why some security devices let you disconnect it using a security-fuse type mechanism before you ship your product. Of course that only works if (a) the device allows it, (b) you remember to activate it, and (c) your attacker isn't sufficiently motivated/funded to use something like microprobing or a FIB workstation to bypass the disconnect.
I've heard comments about using laser scribes (ie. the types which used to be used to program fuse links on nonce-style "serial number" registers) being used to totally disconnect and/or destroy BIST circuitry from the rest of the chip in "sensitive" devices. Of course, this wouldn't prevent a microprobing attack, but it certainly makes sure the security fuse hasn't been forgotten. Ian. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com