Include Björn's remarks, spellcheck
This commit is contained in:
jaseg
parent
21520789fc
commit
aa05b1dd6e
2 changed files with 57 additions and 51 deletions
|
|
@ -43,33 +43,37 @@
|
|||
\subtitle{Changes of Major Revision compared to version submitted to TCHES 21/4}
|
||||
\maketitle
|
||||
|
||||
This document lists the requested revisions we identified from the reviewers comments and explains how we adressed these
|
||||
requests.
|
||||
We again wish to express our deep gratitude for the reviewers' profound insights and valuable feedback in the TCHES 21/4
|
||||
review round. After the program committee's ``major revision'' decision we have reflected upon our submission with the
|
||||
new insights we have gained from the reviewers' comments. In the remainder of this document, we will list the requested
|
||||
changes that we have identified from the reviewers' helpful comments and explain how we adressed these requests in the
|
||||
enclosed major revision of our submission. We hope that by extensively reworking our initial submission we have improved
|
||||
it to the satisfaction of the reviewers and program committee.
|
||||
|
||||
\paragraph{Lack of discussion of operational constraints.}
|
||||
|
||||
As pointed out by Reviewer~B, our initial submission lacked a detailed discussion of the operational constraints of
|
||||
Inertial Hardware Security Modules. We have adressed this with more than two pages of new content on the operation of
|
||||
IHSMs in the new Sections~3.5 ``Long-Term Operation'' and~3.6 ``Transportation''. In these sections we address the
|
||||
reviewers' points on the continuous power supply requirement and go into detail on the likelihood of spurious tamper
|
||||
alarms triggered by external vibrations. Section~3.5 also addressses Reviewer~B's comments on failover, backup and
|
||||
replication of cryptographic secrets.
|
||||
As pointed out by Reviewers~A and~B, our initial submission lacked a detailed discussion of the operational constraints of
|
||||
Inertial Hardware Security Modules. We thank the reveiwer for this helpful observation. We have adressed this with more
|
||||
than two pages of new content on the operation of IHSMs in the new Sections~3.5 ``Long-Term Operation'' and~3.6
|
||||
``Transportation''. In these sections we address the reviewers' points on the continuous power supply requirement and go
|
||||
into detail on the likelihood of spurious tamper alarms triggered by external vibrations. Section~3.5 also addresses
|
||||
Reviewer~B's comments on failover, backup and replication of cryptographic secrets.
|
||||
|
||||
\paragraph{Lack of discussion of improved cooling capabilities of IHSMs compared to traditional HSMs.}
|
||||
|
||||
As Reviewer~D pointed out, our initial submission alluded to the possibility of facilitating cooling airflow through an
|
||||
IHSM's security mesh and noted that this would allow for greater processing capabilities, but did not go into detail on
|
||||
the extent of this effect. In our revised paper, we have extended Section~3.4 ``Mechanical Layout'' with an
|
||||
order-of-magnitude estimation of this effect based on real-world benchmarks and information available from vendors of
|
||||
traditional HSMs.
|
||||
the extent of this effect. To address this valid remark, in our revised paper, we have extended Section~3.4 ``Mechanical
|
||||
Layout'' with an order-of-magnitude estimation of this effect based on real-world benchmarks and information available
|
||||
from vendors of traditional HSMs.
|
||||
|
||||
\paragraph{Mechanical Rotating Stage Attacks.}
|
||||
|
||||
As pointed out by Reviewer~D, in our original submission our discussion of the Swivel Chair Attack discusses attacks by
|
||||
by a rotating human attacker in depth and mentions the possibility of a fully mechanized attack robot. However, our
|
||||
initial submission did not go into detail on the constraints of such a fully mechanized attack. In our revised paper we
|
||||
have completed our discussion in this section with one half page of new content and one new diagram discussing
|
||||
fully mechanized attack robots.
|
||||
initial submission did not go into detail on the constraints of such a fully mechanized attack. We are grateful to the
|
||||
reviewer for pointing out the lack of detail in this regard. In our revised paper we have completed our discussion in
|
||||
this section with one half page of new content and one new diagram discussing fully mechanized attack robots.
|
||||
|
||||
\paragraph{Comparison of IHSM attacks to those on traditional HSMs.}
|
||||
|
||||
|
|
@ -80,15 +84,17 @@ response, we have significantly extended Section~4 ``Attacks'' with one page of
|
|||
reader.
|
||||
|
||||
\paragraph{Notes on future work.}
|
||||
|
||||
Reviewer~D stated that they would find an outlook on the next design steps towards a practically usable design
|
||||
interesting. We have adressed this at the end of Section~7 ``Conclusion'' to the extent of our current plans.
|
||||
|
||||
\paragraph{Design Artifact Availability.}
|
||||
Reviewer~D state that acceess to design artifacts would be useful for readers of the paper. While we cannot make our
|
||||
|
||||
Reviewer~D stated that acceess to design artifacts would be useful for readers of the paper. While we cannot make our
|
||||
design artifacts available as part of the peer review process as they contain a multitude of references to the
|
||||
identities of the authors and their employer, we have added a brief appendix that in the publication version of our
|
||||
paper will contain a link to the open-source repository containing all hardware, software and paper sources relating to
|
||||
our research project.
|
||||
identities of the authors and their employer, we have added a brief appendix that the publication version of our
|
||||
paper will contain with a link to the open-source repository containing all hardware, software and paper sources
|
||||
relating to our research project.
|
||||
|
||||
\paragraph{Detailed discussion of contactless attacks.}
|
||||
|
||||
|
|
@ -101,8 +107,8 @@ it can provide to its payload.
|
|||
|
||||
\paragraph{Justification of mesh monitor power consumption estimates.}
|
||||
|
||||
A point noted by Reviewer~B is that in our initial submission we provided an estimate on the current consumption of an
|
||||
IHSM monitoring cirucit without providing a detailed justification of our estimate. In response, we have extended
|
||||
Section~5.3 ``Power transmission from Stator to rotor'' with a more detailed justification of this estimate.
|
||||
A point noted by Reviewers~A and~B is that in our initial submission we provided an estimate on the current consumption
|
||||
of an IHSM monitoring cirucit without providing a detailed justification of our estimate. In response, we have extended
|
||||
Section~5.3 ``Power transmission from stator to rotor'' with a more detailed justification of this estimate.
|
||||
|
||||
\end{document}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue