Paper: More blurb
This commit is contained in:
parent
0bd67b6493
commit
4a25d96235
3 changed files with 116 additions and 26 deletions
Binary file not shown.
@ -132,6 +132,7 @@ This work contains the following contributions:
\item We discuss possible boundary sensing modes for inertial HSMs.
\item We explore the design space of our inertial HSM concept.
\item We present our work on a prototype inertial HSM.
\item We present an anlysis on the viability of using commodity MEMS accelerometers as braking sensors.
% FIXME \item Measurement of the prototype HSM's susceptibility to various types of attack.
\end{enumerate}

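Review bot: the added contribution bullet misspells "analysis" (`\item We present an anlysis on the viability of using commodity MEMS accelerometers as braking sensors.`); fix the spelling before this list goes into the abstract-facing part of the paper. The commented-out `% FIXME \item Measurement of the prototype HSM's susceptibility to various types of attack.` is still inside the `enumerate`; either promote it to a real contribution once the measurements exist or drop it, since a reader of the source will otherwise take it for a promised result.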
@ -203,20 +204,101 @@ with pressurized gas.
\section{Inertial HSM construction and operation}
\label{sec_ihsm_construction}

Mechanical motion has been proposed as a means of making things harder to see with the human eye~\cite{haines2006} and is
routinely used in military applications to make things harder to hit~\cite{terdiman2013} but we seem to be the first to
use it in tamper detection. If we consider different ways of moving an HSM to make it harder to tamper with, we find
that making it spin has several advantages.
Mechanical motion has been proposed as a means of making things harder to see with the human eye~\cite{haines2006} and
is routinely used in military applications to make things harder to hit~\cite{terdiman2013} but we seem to be the first
to use it in tamper detection.

First, the HSM has to move fairly fast. If any point of the HSM's tamper sensing mesh moves slow enough for a human to
follow, it becomes a weak spot. E.g.\ in a linear pendulum motion, the pendulum becomes stationary at its apex. Second,
a spinning HSM is compact compared to alternatives like an HSM on wheels. Finally, rotation leads to easily predictable
accelerometer measurements. A beneficial side-effect of spinning the HSM is that if the axis of rotation is within the
HSM itself, an attacker trying to follow the motion would have to rotate around the same axis. Their tangential linear
velocity would rise linearly with the radius from the axis of rotation, which allows us to limit the approximate maximum
size and mass of an attacker using an assumption on tolerable centrifugal force (see Appendix
\ref{sec_minimum_angular_velocity}). In this consideration the axis of rotation is a weak spot, but that can be
mitigated using multiple nested layers of protection.
The core questions in the design of an inertial HSM are the following:

\begin{enumerate}
\item What \textbf{type of motion} to use: Rotation, pendulum, linear.
\item How to construct the \textbf{tamper detection mesh}.
\item How to \textbf{detect braking} of the HSM's movement.
\item The \textbf{mechanical layout} of the HSM.
\end{enumerate}

We will approach these questions one by one in the following subsections.

\subsection{Inertial HSM motion}

First, there are several ways that we can approach motion. There is periodic, aperiodic and continuous motion. There is
also linear motion as well as rotation. We can also vary the degree of electronic control in this motion. The main
constraints we have on the HSM's motion pattern are that it needs to be (almost) continuous so as to not expose any weak
spots during instantaneous standstill of the HSM. Additionally, for space efficiency the HSM has to stay within a
confined space. This means that linear motion must be periodic, like that of a pendulum. Periodic linear motion will
have to quickly reverse direction at its apex so the device is not stationary long enough for this to become a weak
spot.

In contrast to linear motion, rotation is space-efficient and can be continuous if the axis of rotation is inside the
device. In case it has a fixed axis, rotation will expose a weak spot at the axis of rotation where the surface's
tangential velocity is low. Faster rotation can lessen the severity of this at the expense of power consumption and
mechanical load but can never eliminate it. This effect can be alleviated in two ways: Either by adding additional
tamper protection at the axis, or by having the HSM perform a compound rotation that has no fixed axis.

In this paper we focus on rotating IHSMs for simplicity of construction. For our initial research, we are focusing on
systems having a fixed axis of rotation due to their relative simplicity in prototype construction but we note the
challenge of hardening the shaft against tampering.

\subsection{Tamper detection mesh construction}

Once we have decided on a type of motion our IHSM's security barrier shall perform, what remains is the actual
implementation of that security barrier. There are two movements that we have observed that are key to our work. On the
one hand, there is the widespread industry use of delicate tamper sensing mesh membranes. The widespread usage of such
membranes in systems deployed in the field for a variety of use cases from low-security payment processing devices to
high-security certificate management at a minimum tells us that a properly implemented mesh \emph{can} provide a
significant level of security. On the other hand, research has mostly focused on various ways to fabricate enclosures
that embed characteristics of a physically uncloneable function (PUF). By using stochastic properties of the enclosure
material to form a PUF, such academic designs effectively leverage signal processing techniques to improve the system's
hardness by a large factor.

In our research, we focus on security meshes as our IHSM's tamper sensors. Most of the cost in commercial security mesh
implementations lies in the advanced manufacturing techniques and special materials necessary to achieve a sensitive
mesh at fine structure sizes. The foundation of an IHSM security is that by moving the mesh even a primitive, coarse
mesh made e.g.\ from mesh traces on a PCB becomes very hard to attack in practice. This allows us to a simple
construction made up from low-cost components. Additionally, use of a mesh allows us to only spin the mesh itself
around and keep the payload stationary in the center of the IHSM. Tamper sensing technologies that use the entire volume
of the HSM such as RF-based systems do not allow for this degree of freedom in their design. They would require the
entire IHSM to spin, including its payload. This would entail costly and complex systems for data and power transfer
from the outside to the payload.

\subsection{Braking detection}

The security mesh is a critical component in the IHSM's primary defense against physical attacks, but its monitoring is
only one half of this defense. The other half consists of a reliable and sensitive braking detection system. This system
must be able to quickly detect any slowing of the IHSM's rotation. Ideally, a sufficiently sensitive sensor should be
able to measure any external force applied to the IHSM's rotor and should already trigger a response on the attempt of
manipulation.

While the obvious choice to monitor rotation would be a tachometer such as a magnetic or opitical sensor attached to the
IHSM's shaft, this would be a poor choice in our application. Both optical and matgnetic sensors are susceptible to
contact-less interference from outside. Instead, an accelerometer is a good component to serve as an IHSM's tamper
sensor.

%%%

First, for motion to effectively disincentivize tampering, the HSM has to move fairly fast.
If any point of the HSM's tamper sensing shell moves slow enough for a human to follow, that point becomes a weak spot.
For illustration, consider linear oscillating motion like that of a pendulum.
At its apex, the pendulum becomes stationary and an attacker could use that split second of the device not moving.

Second, a spinning HSM is potentially more compact than some alternatives like a pendulum or more exotic concepts such
as an HSM on wheels. Its main disadvantage is its circular envelope: When using components such as standard server
hardware for its payload, these components likely come in a rectangular form factor leading to dead space inside the
HSM. Mounting the HSM in a standard rackmount enclosure will also lead to significant dead space around the HSM. An
``vibrating'' HSM with a small amplitude of oscillation might potentially lead to a more compact solution, but this
compactness would come at increased engineering complexity and increased material stresses.

Third and finally, constant rotation leads to a predictable, constant acceleration anywhere in the rotating part. This
allows the use of an accelerometer for tamper detection with minimal signal post-processing.

A beneficial side-effect of spinning the HSM is that an attacker trying to follow the motion would have to rotate around
the same axis, subjecting them to very large centrifugal accleration.
This allows us to limit the approximate maximum size and mass of an attacker using an assumption on tolerable
centrifugal force (see Appendix \ref{sec_minimum_angular_velocity}).

A basic spinning HSM might look like shown in Figure \ref{fig_schema_one_axis}. Shown are the axis of rotation, an
accelerometer on the rotating part used to detect braking, the protected payload and the area covered by the rotating
tamper detection mesh.

\begin{figure}
\center
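Review bot: the block after the `%%%` marker (from "First, for motion to effectively disincentivize tampering, the HSM has to move fairly fast." down to the sentence introducing Figure \ref{fig_schema_one_axis}) is the old argument for choosing rotation, and it now sits under `\subsection{Braking detection}`, so the reader meets the "First / Second / Third and finally" justification a second time, after the new `\subsection{Inertial HSM motion}` has already made the same case; fold the details that only survive here (the circular-envelope and rackmount dead-space discussion, the small-amplitude "vibrating" variant, and the figure introduction) into the motion subsection and delete the rest. The last added sentence of the braking subsection, "Instead, an accelerometer is a good component to serve as an IHSM's tamper sensor.", asserts the advantage over shaft-mounted tachometers without giving the reason; a forward reference to the section on using accelerometers as rotation sensors, where the centrifugal-acceleration argument is made, would close that gap. Spelling in the added text: "opitical", "matgnetic", "accleration", and "An ``vibrating'' HSM" should read "A"; "This allows us to a simple construction" is missing its verb ("to use a simple construction"). "HSM" and "IHSM" alternate throughout the new subsections; pick one after the acronym is introduced.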
@ -226,19 +308,24 @@ mitigated using multiple nested layers of protection.
\label{fig_schema_one_axis}
\end{figure}

\section{Using accelerometers as rotation sensors}

In a rotating reference frame, centrifugal force is proportional to the square of angular velocity and proportional to
distance from the axis of rotation. We can exploit this fact to create a sensor that detects any disturbance of the
rotation by placing a linear accelerometer at some distance from the axis of rotation. During constant rotation, after
subtracting gravity both acceleration tangential to the rotation and along the axis of rotation will be zero.
Centrifugal acceleration will be constant.
distance from the axis of rotation. We can exploit this fact to use an accelerometer as a sensor that detects any
disturbance to the HSM's rotation. We place the accelerometer at a known distance from the axis of rotation. When the
axis of rotation is vertical, during constant rotation tangential acceleration will be zero and acceleration along the
axis of rotation will be $\SI{1}{\g}$. Centrifugal acceleration will be constant.

Large centrifugal acceleration at high speeds poses the engineering challenge of preventing the whole thing from flying
apart, but it also creates an obstacle to any attacker trying to manipulate the sensor. We do not need to move the
entire contents of the HSM. It suffices if we move the tamper detection barrier around a stationary payload. This
reduces the moment of inertia of the moving part and it means we can use cables for payload power and data.
Large centrifugal acceleration at high speeds poses the engineering challenge of preventing rapid unscheduled
disassembly of the device, but it also creates an obstacle to any attacker trying to manipulate the device.
A key observation is that we only have to move the tamper protection mesh, not the entire contents of the HSM.
The HSM's payload and with it most of the HSM's mass can be stationary.
This reduces the moment of inertia of the moving part and it means that we can use cables for power and data connections
to the payload.

From our back-of-the-envelope calculation in Appendix \ref{sec_minimum_angular_velocity} we conclude that even at
moderate speeds above $\SI{500}{rpm}$, an attack would have to be carried out using a robot.
From a coarse calculation (Appendix \ref{sec_minimum_angular_velocity}) we conclude that even at moderate speeds (above
$\SI{500}{rpm}$), a manual attack is no longer possible and any attack would have to be carried out using either
computer control or precise mechanics.

In Appendix \ref{sec_degrees_of_freedom} we consider sensor configurations and we conclude that one three-axis
accelerometer each in the rotor and in the stator are a good baseline configuration. In general, the system will be more
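Review bot: the rewritten conclusion "a manual attack is no longer possible" is stronger than the removed "an attack would have to be carried out using a robot" and rests entirely on the tolerable-centrifugal-force assumption of Appendix \ref{sec_minimum_angular_velocity}; since this is the paper's central security claim, state it conditionally ("under the assumption of Appendix ..., a manual attack is no longer feasible"). In `axis of rotation will be $\SI{1}{\g}$`, `\g` is not a unit that siunitx predefines, so this line will not compile unless a `\DeclareSIUnit\g{...}` exists in the preamble; check, or write the unit out. The new sentence also only holds for a vertical axis, as the text says, whereas the removed version ("after subtracting gravity") covered any orientation; if the prototype's axis is not guaranteed vertical, keep the more general statement. "rapid unscheduled disassembly" is a joke register that jars in a paper; the removed "flying apart" or "mechanical failure" reads better.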
@ -287,6 +374,8 @@ transmit the occassional status report along with a low-latency alarm trigger (`
As we will elaborate in Section~\ref{sec_proto} a simple infrared optical link turned out to be a good solution for this
purpose.

\subsection{Tamper detection}

\section{Attacks}
\label{sec_attacks}

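Review bot: the added `\subsection{Tamper detection}` has no body and is immediately followed by `\section{Attacks}`, so it renders as an empty heading; either write the subsection or mark it with a `% FIXME` comment like the one used in the contributions list so it cannot slip into a submitted build. The hunk's context line also shows "occassional" (one s) in the sentence about status reports.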
@ -295,6 +384,8 @@ attack it. Fundamentally, attacks on an inertial HSM are the same as those on a
detection mesh is the same. Only, in the inertial HSM any attack on the mesh has to be carried out while the mesh is
rotating, which for most types of attack will require some kind of CNC attack robot moving in sync with it.

\subsection{Attacking at the axis of rotation}

\subsection{Attacks on the mesh}

There are two locations where one can attack a tamper-detection mesh. On one hand, the mesh itself can be tampered with.
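Review bot: `\subsection{Attacking at the axis of rotation}` is added without a body and is followed directly by `\subsection{Attacks on the mesh}`, giving a second empty heading in this section. The motion subsection already states that a fixed axis exposes a weak spot where tangential velocity is low and names two mitigations (additional tamper protection at the axis, or compound rotation without a fixed axis); this subsection is the natural place to carry that discussion and to say which mitigation the prototype relies on, so at least a `% FIXME` pointer to that text should go here.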
@ -324,7 +415,7 @@ shielded place inside the security envelope. Further, this attack can only work
expected accelerometer readings are constant. If the rate of rotation is set to vary over time this type of attack is
quickly detected. In Appendix \ref{sec_degrees_of_freedom} we outline the constraints on sensor placement.

\subsection{Attacks on the alarm circuitry}
\subsection{Attacks on the alarm circuit}

Besides trying to deactivate the tamper detection mesh, an electronic attack could also target the alarm circuitry
inside the stationary payload, or the communication link between rotor and payload. The link can be secured using a
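Review bot: the heading is renamed from "alarm circuitry" to "alarm circuit", but the first sentence of the body still says "target the alarm circuitry inside the stationary payload"; use the same term in both, or the rename only adds inconsistency.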
@ -457,6 +548,7 @@ driven at $\SI{1}{\milli\ampere}$ while the stator transmitter LED is driven at
\end{figure}

\subsection{Power transmission through rotating joint}

Besides the data link, the other electrical interface we need between rotor and stator is for power transmission. We
power Since this prototype serves only demonstration purposes, we chose to use the simplest possible method of power
transmission: solar cells. We mounted six series-connected solar cells in three commercially available modules on the
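Review bot: the paragraph under the new heading contains a stranded sentence start, "We / power Since this prototype serves only demonstration purposes"; delete "We power" (or finish that sentence) so the text reads "... is for power transmission. Since this prototype serves only demonstration purposes, ...". The heading itself wants an article: "Power transmission through a rotating joint".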
@ -485,8 +577,6 @@ which allows us to reliably transfer several tens of bytes in each direction dur
speed of rotation. As a result of our prototype experiments, we consider a larger-scale implementation of the inertial
HSM concept practical.

\section{Using accelerometers as rotation sensors}

\begin{figure}
\center
\includegraphics[width=8cm]{prototype_early_comms_small.jpg}
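Review bot: removing the `\section{Using accelerometers as rotation sensors}` heading here (the section now lives earlier, after Figure \ref{fig_schema_one_axis}) leaves the `\begin{figure}` with `prototype_early_comms_small.jpg` directly after the closing paragraph of the prototype discussion ("we consider a larger-scale implementation of the inertial HSM concept practical"); confirm the figure is still referenced from the prototype text and consider moving the environment up to where it is cited, since as a float defined at the very end of the section it will be placed after the conclusion rather than beside the experiment it illustrates.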
Binary file not shown.