From 31b10df8507d32c75aa1b30cb3bd575a392b997f Mon Sep 17 00:00:00 2001 From: jaseg Date: Tue, 20 May 2025 18:06:49 +0200 Subject: [PATCH] Fill out the gaps, add a bunch of new text. --- paper.tex | 103 ++++++++++++++++++++++++++++++++++++++++++++---------- 1 file changed, 85 insertions(+), 18 deletions(-) diff --git a/paper.tex b/paper.tex index b01a9e1..099163b 100644 --- a/paper.tex +++ b/paper.tex @@ -45,7 +45,7 @@ \author{Jan Sebastian Götte\inst{1} \and Björn Scheuermann\inst{2}} \institute{Technical University of Darmstadt, Darmstadt, Germany, \email{research@jaseg.de}\and Technical University of Darmstadt, Darmstadt, Germany, \email{bjoern.scheuermann@kom.tu-darmstadt.de}} -\title{WIP: Optical Passthrough for a Tamper-Resistant Quantum Key Distribution Relay in a Inertial HSM} +\title{Optical Passthrough for a Tamper-Resistant Quantum Key Distribution Relay in a Inertial HSM} \maketitle \keywords{Physical Security\and Tamper Resistance\and Hardware Security Module (HSM)\and Inertial Hardware Security Module (IHSM)\and Quantum Key Distribution} @@ -189,10 +189,45 @@ overlapping them, since the mesh's rotation makes any attack on such a joint exc \subsection{Customizable tamper sensing HSMs} -\subsection{Optical slip rings} +\textcite{immlerSecurePhysicalEnclosures2018} introduce a HSM concept that utilizes a tamper-sensing mesh made from a +lithographically patterned metallized polyimide foil. They pattern a grid of fine capacitive electrodes onto the foil, +and demonstrate a simple multi-channel readout circuit that is capable of distinguishing changes in capacitance between +electrodes down to the femto-Farad range. In contrast to conventional HSMs that require a continuous power supply to +their tamper-sensing subsystem, their design introduces sufficient measurement fidelity that the tamper-sensing mesh +foil can be viewed as a Physically Uncloneable Function (PUF) by demonstrating stability and statistical properties of +its PUF response. + +Later publications on their design expand upon the concept, but fundamentally, their design is limited in size by +manufacturing limitations in the size of its tamper-sensing foil, as well as the poor scalability of the designs +frontend architecture, which requires a separate charge amplifier for each electrode +pair\cite{ + garbFORTRESSFORtifiedTamperResistant2021, + garbWiretapChannelCapacitive2022, + garbTamperSensitiveDesignPUFBased, + obermaierMeasurementSystemCapacitive2018}. +Applying their approach to a QKD relay would be difficult as it would ential not just miniaturizing the QKD relay to the +size of a smartphone, but it would also require the development of a secure fiber passthrough specific to their design +and other systems using a folded tamper-sensing mesh foil. Conventionally, electrical pass-throughs in such foils are +made by folding the mesh and a Flat Flexible Cable (FFC) multiple times. Due to their required beding radius, +alternative solutions would have to be found for a fiber-optic pass-through. \subsection{Long-range QKD} + +\textcite{Hybrid Trusted/Untrusted Relay-Based Quantum Key Distribution Over Optical Backbone Networks} give a +comprehensive overview of large-scale QKD networking. \textcite{lellaSecurityQuantumKey2023} analyze security threats in +quantum key distribution networks and point out that achieving the information-theoretic security that QKD is often +cited for providing is difficult to achieve in practice since currently, protocols based on cryptographic computational +hardness assumptions cannot be avoided in a practical implementation. \textcite{yangQuantumKeyDistribution2018} approach +key routing in a hypothetical quantum key distribution network and provide a solution based on measurements of each +node's local secret key buffer. + +\textcite{caoHybridTrustedUntrusted2021} discuss hybrid QKD networks that employ both physically trusted and untrusted +nodes by applying a technique such as Measurement-Device Independent QKD (MDI-QKD) that enables one end of the QKD link +to be untrusted. MDI-QKD can effectively double the reach of a trusted QKD link by placing an untrusted relay node in +the middle. They present a precise problem formulation and introduce an algorithm for the optimization of deployment +cost of a hybrid QKD network. + \section{QKD in an IHSM} Since IHSMs are particularly suited to large payloads, fitting the components of a QKD node inside one is @@ -312,10 +347,10 @@ in QKD application, the need for fiber optic passthrough is the limiting factor. the fibers in a series of in-plane S-bends requires a coarse tab spacing due to the fibers' large minimum bend radius. However, we can apply the approach we proposed above for the shaft entrance here, too, and thread the fibers between the meshes by helically coiling them, increasing the fibers' bend radius to one half of the distance between both mesh -discs minus the fibers' diameter and clearances\todo{Formulas here and elsewhere, define variables}. When the resulting -useable part of the distance is larger than twice the bend radius, the minimum tab spacing is only limited by the -fiber's diameter and the stability of the star bracket. When the discs are placed closer, and a larger pitch is -necssary, the resulting pitch of the helix determines the minimum tab spacing. +discs minus the fibers' diameter and clearances. When the resulting useable part of the distance is larger than twice +the bend radius, the minimum tab spacing is only limited by the fiber's diameter and the stability of the star bracket. +When the discs are placed closer, and a larger pitch is necssary, the resulting pitch of the helix determines the +minimum tab spacing. Designing a labyrinth mesh for intrusion prevention is similar to the design of the shape of the jamb of a safe door or of a high end apartment door. In these, the objective is to prevent would-be burglars from inserting opening tools @@ -324,12 +359,12 @@ not unlike an IHSM's defense against electrical or electromagnetic probes. The o what we can do in IHSMs is that these doors are limited to outwards-facing steps because they must be opened and closed. In IHSM labyrinth meshes, we can use both outwards-facing and inwards-facing steps. -Concentric labyrinth meshes allow for a wide range of different configurations. The pitch from one mesh tab to the -next is the sum of the required width of the inter-mesh space and the safety margin needed betwween any cables or the -inter-mesh bracket and the tabs. When the mesh is constructed using rigid PCB tabs that are inserted as-is, without -bending them, and when all tabs have the same width and thickness, the radial width of the swept area decreases from tab -to tab going outwards. A consequence of this is that when the design target are constant width inter-mesh spaces, the -tabs' pitch decreases going outwards. +Concentric labyrinth meshes allow for a range configurations. The pitch from one mesh tab to the next is the sum of the +required width of the inter-mesh space and the safety margin needed betwween any cables or the inter-mesh bracket and +the tabs. When the mesh is constructed using rigid PCB tabs that are inserted as-is, without bending them, and when all +tabs have the same width and thickness, the radial width of the swept area decreases from tab to tab going outwards. A +consequence of this is that when the design target are constant width inter-mesh spaces, the tabs' pitch decreases going +outwards. The safety margin required to avoid collisions between the meshes and the stator can be kept low for the primary mesh because this mesh has high-quality bearings on both ends, leading to good axis alignment. In contrast, for the secondary @@ -380,12 +415,18 @@ Thus, instead of passing it straight through the labyrinth, the payload's fiber labyrinth in a three-dimensional spiral shape, avoiding the meshes while simultaneously maximizing the fibers' bend radii. +\subsection{Experimental Validation} + To prove the mechanical viability of the offset labyrinth mesh concept, we created a mechanical prototype of one such mesh. Figure\ \ref{qkd_fig_offset_lab_fiber} shows the dimensions of the meshes' tabs along with the resulting tab rings and a 2D projection of our chosen fiber layout. The fiber is laid out in such a way that it crosses each tab ring at -opposite sides, and traverses the vertical distance in the larger part of the inter-mesh space. Figures\ -\ref{qkd_fig_lab_mesh_exp_1} and \ref{qkd_fig_lab_mesh_exp_2} show an exploded view of our mechanical prototype from two -perspectives. +opposite sides, and traverses the vertical distance in the larger part of the inter-mesh space. Figure\ +\ref{qkd_fig_lab_mesh_exp_1} shows an exploded view of our mechanical prototype. + +We threaded a standard \qty{50}{\micro\meter}/\qty{125}{\micro\meter} fiber through the bracket, spliced it to a +connector pigtail at the remote end, and measured its loss using a NK4000D handheld OTDR/OPM manufactured by Qingdao +Novker Communication Ltd. Comparing measurements of loss between a coiled fiber and a fiber fed through the bracket +resulted in a difference below the measurement floor of approximately \qty{0.25}{\decibel}. \begin{figure} \centering @@ -477,6 +518,7 @@ by explosive, but a thick metal shield around the payload would make it more dif using a projectile. \section{Outlook} + \subsection{Achievable security guarantees} Like conventional HSMs, Inertial HSMs are only ever an engeineering answer to a security question. In contrast with @@ -487,9 +529,28 @@ achieve it by rotating their tamper sensing mesh. In a conventional HSM, increas mesh requires fine-tuning a bespoke manufacturing process. In contrast, increasing the security of an IHSMs simply requires making the rotor faster. +\subsection{Trust bootstrapping} + +A key question in any trusted hardware deployment is how to bootstrap trust in a new device when faced with the +possibility of supply-chain attacks. Conventional HSMs are only manufactured by a single manufacturer, and the common +solution is to just trust that manufacturer. The HSM's manufacturer can factory-provision an identity key to the HSM +that can be used to ascertain the HSM's integrity during shipping to the customer. + +One of the key components of IHSM technology is that it does not require specialized components, or potting of the +payload. While an IHSM could be manufactured and sold as a complete unit like a conventional HSM, their more modular +nature makes it possible to place more control in the IHSM's customer. In particular, an IHSM could be sold without a +payload installed, leaving the customer to install their own payload (such as a QKD node) inside the IHSM. Like a +conventional HSM, the IHSM could be run during shipping to detect supply-chain attacks. Going further, since IHSMs are +build from commodity components, the user could directly license the IHSM design and manufacturer it themselves, given +them full control over the hardware supply chain. In a QKD deployment, the manufacturer of the QKD node could build both +the QKD subsystem and the IHSM and integrate both, given that this would not require additional manufacturing +capabilities due to the IHSM's simple construction. + \subsection{Network implementation} - +IHSM-secured QKD nodes could be used to build QKD networks. IHSM-secured QKD nodes augment QKD network techniques such +as \textcite{caoHybridTrustedUntrusted2021}, who present a network structure that exploits MDI-QKD to replace some of +the network's nodes by untrusted nodes that do not require physical security. \subsection{Device Longevity} @@ -515,10 +576,16 @@ systems buffer secret key bits. The switchover time of an optical switch used fo as well as the link establishment time of the failover transceiver can be absorbed by simply sizing this buffer appropriately. -\subsection{Trust bootstrapping} - \section{Conclusion} +In this paper, we applied the Inertial Hardware Security Module (IHSM) concept to physically trusted relay nodes in a +Quantum Key Distribution network. We note that the hardest challenge in the adoption of IHSMs in QKD relays is the +fiber-optic passthrough between the outside world and the IHSMs QKD relay payload. We show three concepts along the +spectrum trading off security and implementation complexity. All three concepts utilize a secondary rotating mesh on the +inside of the primary mesh's shaft opening. We practically demonstrate one of our concepts, the offset labyrinth mesh, +in a functional mechanical prototype. We experimentally measured the increase in loss of a standard telecommunications +fiber when inserted through our mechanical prototype's fiber passthrough, resulting in an increase in loss compared to a +straight fiber that was below our measurement threshold of approximately \qty{0.25}{\decibel}. \begin{credits} This is version \texttt{\input{version.tex}\unskip} of this paper, generated on \today. The git repository with the