Idea for tamper-resistant PC hardware

[David Honig]

At 05:09 AM 1/12/01 -0500, drevil at sidereal.kz wrote:
>So here's another solution.  The hard drive itself is encrypted, and
>the encryption/decryption hardware is part of the hard drive chips,
>and all are mounted within a tamper-resistant enclosure.  Also mounted
>in this enclosure is a little battery which will last for the lifetime
>of the harddrive, and a large-enough capacitor.  When the enclosure is
>tampered with, the capacitor sends a jolt through the chip that holds
>the encryption key.  This jolt is big enough to melt the silicon, so
>no key bits could be recovered (this would not require much of a jolt,
>I would think).  Then the attacker would have the hard drive, but no
>way to decrypt it.  Obviously, it would need sensors to detect
>tampering with the case, and tricks liking freezing the thing, using
>radiation, whatever.

That is how its done.  Tamper detect can look for voltages, freqs, 
temps out of range, pressure changes, acceleration, mechanical intrustion,
etc.  If you see tampering, you zeroize your key, your disk is suddently
filled with useless noise.  

There is a patent on thermite-like pastes you can build into a chip, which
helps against reverse engineering the circuitry, post-mortem.  For you,
simple zeroizing will probably be enough; though see the work on remenance
in RAMs for caveats.

>This allows us to have data be permenantly destroyed, and the hard
>drive permenantly deactivated, without doing any crazy stuff involving
>pyrotechnics which looks bad in the media.  

Worse than looking bad, you can't take energetic materials
on airplanes.

Check the archives, this gets discussed periodically, and there
are commercial tamper-resistant/detecting modules out there.

dh