Small fixes
parent 9a3f8bc04c
commit 9aa229e948
4 changed files with 42 additions and 45 deletions
Binary file not shown.
|
|
@ -80,7 +80,7 @@
|
|||
|
||||
\section*{Abstract}
|
||||
|
||||
In this paper, we introduce a novel countermeasure against physical attacks: Inertial hardware security modules.
|
||||
In this paper, we introduce a novel countermeasure against physical attacks: Inertial hardware security modules (iHSMs).
|
||||
Conventional systems have in common that they try to detect attacks by crafting sensors responding to increasingly
|
||||
minute manipulations of the monitored security boundary or volume. Our approach is novel in that we reduce the
|
||||
sensitivity requirement of security meshes and other sensors and increase the complexity of any manipulations by
|
||||
|
|
@ -154,12 +154,12 @@ meandering electrical traces on a fragile foil that is wrapped around the HSM es
|
|||
problem into the challenge to manufacture very fine electrical traces on a flexible foil~\cite{isaacs2013, immler2019,
|
||||
anderson2020}. There has been some research on monitoring the HSM's inside using e.g.\ electromagnetic
|
||||
radiation~\cite{tobisch2020, kreft2012} or ultrasound~\cite{vrijaldenhoven2004} but none of this research
|
||||
has found widespread adoption.
|
||||
has found widespread adoption yet.
|
||||
|
||||
In~\cite{anderson2020}, Anderson gives a comprehensive overview on physical security. An example they cite is the IBM
|
||||
4758 HSM whose details are laid out in depth in~\cite{smith1998}. This HSM is an example of an industry-standard
|
||||
construction. Though its turn of the century design is now a bit dated, the construction techniques of the physical
|
||||
security mechanisms have not evolved much in the last two decades. Apart from some auxiliary temperature and radiation
|
||||
construction. Although its turn of the century design is now a bit dated, the construction techniques of the physical
|
||||
security mechanisms have not evolved much in the last two decades. Besides some auxiliary temperature and radiation
|
||||
sensors to guard against attacks on the built-in SRAM memory, the module's main security barrier uses the traditional
|
||||
construction of a flexible mesh wrapped around the module's core. In~\cite{smith1998}, the authors state the module
|
||||
monitors this mesh for short circuits, open circuits and conductivity. The fundamental approach to tamper detection and
|
||||
|
|
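Review bot: In the rewritten sentence "Although its turn of the century design is now a bit dated", the compound modifier should be hyphenated: "turn-of-the-century design". Since this paragraph is being edited anyway, "a comprehensive overview on physical security" in the context line above reads better as "overview of physical security".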
@ -193,11 +193,11 @@ compound.
|
|||
|
||||
To the best of our knowledge, we are the the first to propose a mechanically moving HSM security barrier as part of a
|
||||
hardware security module. Most academic research concentrates on the issue of creating new, more sensitive security
|
||||
barriers for HSMs~\cite{immler2019} while commercial vendors concentrate on means to cheaply manufacture and certify
|
||||
barriers for HSMs~\cite{immler2019} while commercial vendors concentrate on means to certify and cheaply manufacture
|
||||
these security barriers~\cite{drimer2008}. Our concept instead focuses on the issue of taking any existing, cheap
|
||||
low-performance security barrier and transforming it into a marginally more expensive but very high-performance one. The
|
||||
low-performance security barrier and transforming it into a marginally more expensive but high-performance one. The
|
||||
closest to a mechanical HSM that we were able to find during our research is an 1988 patent~\cite{rahman1988} that
|
||||
describes an mechanism to detect tampering along a communication cable by enclosing the cable inside a conduit filled
|
||||
describes a mechanism to detect tampering along a communication cable by enclosing the cable inside a conduit filled
|
||||
with pressurized gas.
|
||||
|
||||
\section{Inertial HSM construction and operation}
|
||||
|
|
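Review bot: The first context line of this hunk still reads "we are the the first to propose" with a doubled "the", and "an 1988 patent" should be "a 1988 patent". Both sit right next to the "an mechanism" fix and belong in the same commit.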
@ -208,9 +208,9 @@ routinely used in military applications to make things harder to hit~\cite{terdi
|
|||
use it in tamper detection. If we consider different ways of moving an HSM to make it harder to tamper with, we find
|
||||
that making it spin has several advantages.
|
||||
|
||||
First, the HSM has to move fairly fast. If any point of the HSM's tamper sensing mehs moves slow enough for a human to
|
||||
First, the HSM has to move fairly fast. If any point of the HSM's tamper sensing mesh moves slow enough for a human to
|
||||
follow, it becomes a weak spot. E.g.\ in a linear pendulum motion, the pendulum becomes stationary at its apex. Second,
|
||||
a spinning HSM is compact compared to alternatives like an HSM on wheels. Finally, rotation leads to predictable
|
||||
a spinning HSM is compact compared to alternatives like an HSM on wheels. Finally, rotation leads to easily predictable
|
||||
accelerometer measurements. A beneficial side-effect of spinning the HSM is that if the axis of rotation is within the
|
||||
HSM itself, an attacker trying to follow the motion would have to rotate around the same axis. Their tangential linear
|
||||
velocity would rise linearly with the radius from the axis of rotation, which allows us to limit the approximate maximum
|
||||
|
|
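Review bot: In the corrected line, "moves slow enough for a human to follow" uses an adjective where an adverb is needed; suggest "moves slowly enough". The added "easily" in "easily predictable accelerometer measurements" is not backed by anything in the surrounding lines, so either keep "predictable" or say what makes the prediction easy.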
@ -228,9 +228,9 @@ mitigated using multiple nested layers of protection.
|
|||
|
||||
In a rotating reference frame, centrifugal force is proportional to the square of angular velocity and proportional to
|
||||
distance from the axis of rotation. We can exploit this fact to create a sensor that detects any disturbance of the
|
||||
rotation by placing a linear accelerometer at some distance from the axis of rotation. During constant rotation, both
|
||||
acceleration tangential to the rotation and along the axis of rotation will be zero. Centrifugal acceleration will be
|
||||
constant.
|
||||
rotation by placing a linear accelerometer at some distance from the axis of rotation. During constant rotation, after
|
||||
subtracting gravity both acceleration tangential to the rotation and along the axis of rotation will be zero.
|
||||
Centrifugal acceleration will be constant.
|
||||
|
||||
Large centrifugal acceleration at high speeds poses the engineering challenge of preventing the whole thing from flying
|
||||
apart, but it also creates an obstacle to any attacker trying to manipulate the sensor. We do not need to move the
|
||||
|
|
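Review bot: The new qualifier "after subtracting gravity" does not say how the gravity component is obtained in the frame of the spinning accelerometer, and the disturbance check described in this paragraph depends on it. Suggest adding a clause that states the assumed orientation of the rotation axis or how the gravity term is estimated and removed from the readings.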
@ -263,7 +263,7 @@ solved with complex and costly siphon-style constructions, so in commercial syst
|
|||
exclusively~\cite{isaacs2013}. This limits the maximum power dissipation of the payload and thus its processing power.
|
||||
Our setup allows direct air cooling of regular heatsinks. This greatly increases the maximum possible power dissipation
|
||||
of the payload and unlocks much more powerful processing capabilities. In an evolution of our design, the spinning mesh
|
||||
could even be designed to *be* a cooling fan.
|
||||
could even be designed to \emph{be} a cooling fan.
|
||||
|
||||
\subsection{Spinning mesh power and data transmission}
|
||||
|
||||
|
|
@ -273,12 +273,12 @@ both a power supply for the spinning monitoring circuit and a data link to the s
|
|||
|
||||
We found that a bright lamp shining at a rotating solar panel is a good starting point. In contrast to e.g.\ slip
|
||||
rings, this setup is mechanically durable at high speeds and it also provides reasonable output power (see Appendix
|
||||
\ref{sec_energy_calculations} for some calculations on power consumption). A battery may not provide a useful lifetime
|
||||
\ref{sec_energy_calculations} for an estimation of power consumption). A battery may not provide a useful lifetime
|
||||
without power-optimization. Likewise, an energy harvesting setup may not provide enough current to supply peak demand.
|
||||
|
||||
Since the monitoring circuit uses little current, power transfer efficiency is not important. On the other hand, cost
|
||||
may be a concern in a production device. Here it may prove worthwhile to replace the solar cell setup with an extra
|
||||
winding on the rotor of the BLDC motor driving the spinning mesh. This rotor is likely to be a custom part, so adding
|
||||
winding on the rotor of the BLDC motor driving the spinning mesh. This motor is likely to be a custom part, so adding
|
||||
an extra winding is unlikely to increase cost significantly. More traditional inductive power transfer may also be an
|
||||
option if it can be integrated into the mechanical design.
|
||||
|
||||
|
|
|
|||
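Review bot: "(see Appendix" followed by a source line break before "\ref{sec_energy_calculations}" lets LaTeX break the line between "Appendix" and its number; write "Appendix~\ref{sec_energy_calculations}" on one line. In the new wording, "an estimation of power consumption" would read better as "an estimate of power consumption".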
Binary file not shown.
|
|
@ -80,10 +80,10 @@
|
|||
|
||||
\section*{Abstract}
|
||||
|
||||
In this tech report, we introduce a novel countermeasure against physical attacks: Inertial hardware security modules.
|
||||
Conventional systems have in common that they try to detect attacks by crafting sensors responding to increasingly
|
||||
minute manipulations of the monitored security boundary or volume. Our approach is novel in that we reduce the
|
||||
sensitivity requirement of security meshes and other sensors and increase the complexity of any manipulations by
|
||||
In this tech report, we introduce a novel countermeasure against physical attacks: Inertial hardware security modules
|
||||
(iHSMs). Conventional systems have in common that they try to detect attacks by crafting sensors responding to
|
||||
increasingly minute manipulations of the monitored security boundary or volume. Our approach is novel in that we reduce
|
||||
the sensitivity requirement of security meshes and other sensors and increase the complexity of any manipulations by
|
||||
rotating the security mesh or sensor at high speed---thereby presenting a moving target to an attacker. Attempts to stop
|
||||
the rotation are easily monitored with commercial MEMS accelerometers and gyroscopes. Our approach leads to a HSM that
|
||||
can easily be built from off-the-shelf parts by any university electronics lab, yet offers a level of security that is
|
||||
|
|
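Review bot: The abstract is re-wrapped here, but the context line "Our approach leads to a HSM that" keeps "a HSM" while the body text uses "an HSM" (for example "moving an HSM"). Suggest "an HSM" here for consistency.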
@ -122,14 +122,12 @@ defenses the HSM is now equipped with an accelerometer that it uses to verify th
|
|||
would an attacker approach this HSM? They would have to either slow down the rotation---which triggers the
|
||||
accelerometer---or they would have to attack the HSM in motion. The HSM literally becomes a moving target. At slow
|
||||
speeds, rotating the entire attack workbench might be possible but rotating frames of reference quickly become
|
||||
inhospitable to human life (see Appendix~\ref{sec_minimum_angular_velocity}). Since non-contact electromagnetic or
|
||||
optical attacks are more limited in the first place and can be shielded, we have effectively forced the attacker to use
|
||||
an attack robot.
|
||||
inhospitable to human life. Since non-contact electromagnetic or optical attacks are more limited in the first place and
|
||||
can be shielded, we have effectively forced the attacker to use an attack robot.
|
||||
|
||||
In Section~\ref{sec_related_work}, we will give an overview of the state of the art in the physical security of HSMs. On
|
||||
this basis, in Section~\ref{sec_ihsm_construction} we will elaborate the principles of our inertial HSM approach. We
|
||||
will analyze its weaknesses in Section~\ref{sec_attacks}. We conclude this paper with a general evaluation of our
|
||||
concept in Section~\ref{sec_conclusion}.
|
||||
this basis, in Section~\ref{sec_ihsm_construction} we will elaborate the principles of our inertial HSM approach. We
|
||||
conclude this paper with a general evaluation of our concept in Section~\ref{sec_conclusion}.
|
||||
|
||||
\section{Related work}
|
||||
\label{sec_related_work}
|
||||
|
|
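Review bot: Dropping "(see Appendix~\ref{sec_minimum_angular_velocity})" leaves the claim that rotating frames "quickly become inhospitable to human life" without any support in this file; keep a pointer or state the limiting figure inline. The outline sentence for Section~\ref{sec_attacks} is removed as well, so confirm that the section itself is gone from this file, otherwise the outline no longer matches the document.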
@ -144,24 +142,24 @@ meandering electrical traces on a fragile foil that is wrapped around the HSM es
|
|||
problem into the challenge to manufacture very fine electrical traces on a flexible foil~\cite{isaacs2013, immler2019,
|
||||
anderson2020}. There has been some research on monitoring the HSM's inside using e.g.\ electromagnetic
|
||||
radiation~\cite{tobisch2020, kreft2012} or ultrasound~\cite{vrijaldenhoven2004} but none of this research
|
||||
has found widespread adoption.
|
||||
has found widespread adoption yet.
|
||||
|
||||
In~\cite{anderson2020}, Anderson gives a comprehensive overview on physical security. An example they cite is the IBM
|
||||
4758 HSM whose details are laid out in depth in~\cite{smith1998}. This HSM is an example of an industry-standard
|
||||
construction. Though its turn of the century design is now a bit dated, the construction techniques of the physical
|
||||
security mechanisms have not evolved much in the last two decades. Apart from some auxiliary temperature and radiation
|
||||
sensors to guard against attacks on the built-in SRAM memory, the module's main security barrier uses the traditional
|
||||
construction. Although its turn of the century design is now a bit dated, the construction techniques of the physical
|
||||
security mechanisms have not evolved much in the last two decades. Besides auxiliary temperature and radiation sensors
|
||||
to guard against attacks on the built-in SRAM memory, the module's main security barrier uses the traditional
|
||||
construction of a flexible mesh wrapped around the module's core. In~\cite{smith1998}, the authors state the module
|
||||
monitors this mesh for short circuits, open circuits and conductivity. The fundamental approach to tamper detection and
|
||||
construction is similar to other commercial offerings~\cite{obermaier2018,drimer2008,anderson2020,isaacs2013}.
|
||||
|
||||
To the best of our knowledge, we are the the first to propose a mechanically moving HSM security barrier as part of a
|
||||
hardware security module. Most academic research concentrates on the issue of creating new, more sensitive security
|
||||
barriers for HSMs~\cite{immler2019} while commercial vendors concentrate on means to cheaply manufacture and certify
|
||||
barriers for HSMs~\cite{immler2019} while commercial vendors concentrate on means to certify and cheaply manufacture
|
||||
these security barriers~\cite{drimer2008}. Our concept instead focuses on the issue of taking any existing, cheap
|
||||
low-performance security barrier and transforming it into a marginally more expensive but very high-performance one. The
|
||||
low-performance security barrier and transforming it into a marginally more expensive but high-performance one. The
|
||||
closest to a mechanical HSM that we were able to find during our research is an 1988 patent~\cite{rahman1988} that
|
||||
describes an mechanism to detect tampering along a communication cable by enclosing the cable inside a conduit filled
|
||||
describes a mechanism to detect tampering along a communication cable by enclosing the cable inside a conduit filled
|
||||
with pressurized gas.
|
||||
|
||||
\section{Inertial HSM construction and operation}
|
||||
|
|
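Review bot: As in the paper source, "we are the the first" and "an 1988 patent" survive in this hunk's unchanged lines, and "turn of the century design" needs hyphens. These paragraphs receive identical edits in both files in this commit; moving the shared text into one file pulled in with \input would avoid fixing every typo twice.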
@ -172,15 +170,14 @@ routinely used in military applications to make things harder to hit~\cite{terdi
|
|||
use it in tamper detection. If we consider different ways of moving an HSM to make it harder to tamper with, we find
|
||||
that making it spin has several advantages.
|
||||
|
||||
First, the HSM has to move fairly fast. If any point of the HSM's tamper sensing mehs moves slow enough for a human to
|
||||
First, the HSM has to move fairly fast. If any point of the HSM's tamper sensing mesh moves slow enough for a human to
|
||||
follow, it becomes a weak spot. E.g.\ in a linear pendulum motion, the pendulum becomes stationary at its apex. Second,
|
||||
a spinning HSM is compact compared to alternatives like an HSM on wheels. Finally, rotation leads to predictable
|
||||
a spinning HSM is compact compared to alternatives like an HSM on wheels. Finally, rotation leads to easily predictable
|
||||
accelerometer measurements. A beneficial side-effect of spinning the HSM is that if the axis of rotation is within the
|
||||
HSM itself, an attacker trying to follow the motion would have to rotate around the same axis. Their tangential linear
|
||||
velocity would rise linearly with the radius from the axis of rotation, which allows us to limit the approximate maximum
|
||||
size and mass of an attacker using an assumption on tolerable centrifugal force (see Appendix
|
||||
\ref{sec_minimum_angular_velocity}). In this consideration the axis of rotation is a weak spot, but that can be
|
||||
mitigated using multiple nested layers of protection.
|
||||
size and mass of an attacker using an assumption on tolerable centrifugal force. In this consideration the axis of
|
||||
rotation is a weak spot, but that can be mitigated using multiple nested layers of protection.
|
||||
|
||||
\begin{figure}
|
||||
\center
|
||||
|
|
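Review bot: With "(see Appendix \ref{sec_minimum_angular_velocity})" removed, "using an assumption on tolerable centrifugal force" points at an assumption the reader can no longer find; name the assumed limit in the sentence or keep the pointer. In the trailing context, "\center" inside the figure environment should be "\centering".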
@ -192,9 +189,9 @@ mitigated using multiple nested layers of protection.
|
|||
|
||||
In a rotating reference frame, centrifugal force is proportional to the square of angular velocity and proportional to
|
||||
distance from the axis of rotation. We can exploit this fact to create a sensor that detects any disturbance of the
|
||||
rotation by placing a linear accelerometer at some distance from the axis of rotation. During constant rotation, both
|
||||
acceleration tangential to the rotation and along the axis of rotation will be zero. Centrifugal acceleration will be
|
||||
constant.
|
||||
rotation by placing a linear accelerometer at some distance from the axis of rotation. During constant rotation, after
|
||||
subtracting gravity both acceleration tangential to the rotation and along the axis of rotation will be zero.
|
||||
Centrifugal acceleration will be constant.
|
||||
|
||||
Large centrifugal acceleration at high speeds poses the engineering challenge of preventing the whole thing from flying
|
||||
apart, but it also creates an obstacle to any attacker trying to manipulate the sensor. We do not need to move the
|
||||
|
|
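Review bot: The added phrase needs a closing comma: "During constant rotation, after subtracting gravity, both acceleration tangential to the rotation and along the axis of rotation will be zero." As written, the sentence runs together as "subtracting gravity both".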
@ -220,7 +217,7 @@ solved with complex and costly siphon-style constructions, so in commercial syst
|
|||
exclusively~\cite{isaacs2013}. This limits the maximum power dissipation of the payload and thus its processing power.
|
||||
Our setup allows direct air cooling of regular heatsinks. This greatly increases the maximum possible power dissipation
|
||||
of the payload and unlocks much more powerful processing capabilities. In an evolution of our design, the spinning mesh
|
||||
could even be designed to *be* a cooling fan.
|
||||
could even be designed to \emph{be} a cooling fan.
|
||||
|
||||
\subsection{Spinning mesh power and data transmission}
|
||||
|
||||
|
|
@ -229,13 +226,13 @@ implementation challenges. Since the spinning mesh must be monitored for breaks
|
|||
both a power supply for the spinning monitoring circuit and a data link to the stator.
|
||||
|
||||
We think that a bright lamp shining at a rotating solar panel is a good starting point. In contrast to e.g.\ slip
|
||||
rings, this setup is mechanically durable at high speeds and it also provides reasonable output power (see Appendix
|
||||
\ref{sec_energy_calculations} for some calculations on power consumption). A battery may not provide a useful lifetime
|
||||
without power-optimization. Likewise, an energy harvesting setup may not provide enough current to supply peak demand.
|
||||
rings, this setup is mechanically durable at high speeds and it also provides reasonable output power. A battery may not
|
||||
provide a useful lifetime without power-optimization. Likewise, an energy harvesting setup may not provide enough
|
||||
current to supply peak demand.
|
||||
|
||||
Since the monitoring circuit uses little current, power transfer efficiency is not important. On the other hand, cost
|
||||
may be a concern in a production device. Here it may prove worthwhile to replace the solar cell setup with an extra
|
||||
winding on the rotor of the BLDC motor driving the spinning mesh. This rotor is likely to be a custom part, so adding
|
||||
winding on the rotor of the BLDC motor driving the spinning mesh. This motor is likely to be a custom part, so adding
|
||||
an extra winding is unlikely to increase cost significantly. More traditional inductive power transfer may also be an
|
||||
option if it can be integrated into the mechanical design.
|
||||
|
||||
|
|
|
|||
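Review bot: Removing the appendix pointer leaves "provides reasonable output power" unquantified in the tech report; give the order of magnitude inline or keep a reference. The unchanged opening "We think that a bright lamp" also differs from "We found that" in the paper source for the same sentence, so decide which wording the evidence supports and use it in both files.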