Re: Black box attacks (was Re: Crypto-Dongel)
At 12:35 PM 4/9/97 -0400, Cynthia H. Brown wrote:
If you're trying to destroy a standard IC, why don't you just hook up the power and ground pins to a 120V AC outlet?
You are unlikely to have AC in a system by the time the tamper detector senses an intrusion. Similar problems apply to arcs and anything based on discharging a large capacitor. -- Lucky Green <mailto:shamrock@netcom.com> PGP encrypted mail preferred "I do believe that where there is a choice only between cowardice and violence, I would advise violence." Mahatma Gandhi
On Wed, 9 Apr 1997, Lucky Green wrote:
At 12:35 PM 4/9/97 -0400, Cynthia H. Brown wrote:
If you're trying to destroy a standard IC, why don't you just hook up the power and ground pins to a 120V AC outlet?
You are unlikely to have AC in a system by the time the tamper detector senses an intrusion. Similar problems apply to arcs and anything based on discharging a large capacitor.
True, if you haven't installed a circuit in advance with some sort of switch or circuit breaker to kick in when the PC's cover is opened (in your absence), or the Big Red Button beside your PC is pushed (in your presence). Assuming you're dealing with a PCMCIA card, it would be easy to rig up an alternate "reader" to fry the card as soon as it's plugged in. All of this has been done before - most high-security crypto devices have built-in zeroisation / tamper response. And no, I'm not sufficiently paranoid to have this on _my_ home PC. Cynthia =============================================================== Cynthia H. Brown, P.Eng. E-mail: cynthb@iosphere.net | PGP Key: See Home Page Home Page: http://www.iosphere.net/~cynthb/ Junk mail will be ignored in the order in which it is received. Klein bottle for rent; enquire within.
On Wed, Apr 09, 1997 at 01:45:19PM -0700, Lucky Green wrote:
At 12:35 PM 4/9/97 -0400, Cynthia H. Brown wrote:
If you're trying to destroy a standard IC, why don't you just hook up the power and ground pins to a 120V AC outlet?
You are unlikely to have AC in a system by the time the tamper detector senses an intrusion. Similar problems apply to arcs and anything based on discharging a large capacitor.
I don't think power is the problem -- you could always include a small rechargable battery in the device, which would be plenty to fry an IC, given suitable support circuitry. The real problem is the logic of the tamper detector itself. How does it "detect tampering"? You would want it to detect mechanical tampering, of course, but that's a non-trivial engineering proble. -- Kent Crispin "No reason to get excited", kent@songbird.com the thief he kindly spoke... PGP fingerprint: B1 8B 72 ED 55 21 5E 44 61 F4 58 0F 72 10 65 55 http://songbird.com/kent/pgp_key.html
participants (3)
-
Cynthia H. Brown -
Kent Crispin -
Lucky Green