From 34c0657e667fd82ca78f64bbb9853c96e02f70a0 Mon Sep 17 00:00:00 2001 From: jaseg Date: Tue, 18 Nov 2025 17:14:58 +0100 Subject: [PATCH] More citations and include Konrad's first batch of fixes --- ai-llm-use-disclosure.tex | 2 +- chapter-conclusion/chapter.tex | 27 ++++++++-------- chapter-introduction/chapter.tex | 54 ++++++++++++++++---------------- main.bib | 18 +++++++---- 4 files changed, 54 insertions(+), 47 deletions(-) diff --git a/ai-llm-use-disclosure.tex b/ai-llm-use-disclosure.tex index 15e313c..6d2d38b 100644 --- a/ai-llm-use-disclosure.tex +++ b/ai-llm-use-disclosure.tex @@ -14,7 +14,7 @@ wrong output. Thus, I used the following list of observations to guide my LLM us from the source text. Therefore, the document text should never be passed through the LLM, and the LLM should be prompted to point out problems, or to produce a list of suggestions for improvements instead. \item LLMs are really bad at summarizing text that contains novel concepts. LLM summaries of text often converge to - a re-stating of the general consensus on the text's main topic. Where the source text deviates from conventionla + a re-stating of the general consensus on the text's main topic. Where the source text deviates from conventional wisdom or makes novel points, an LLM summary will likely mis-represent those conclusions. Additionally, LLMs are bad at capturing the point of a text. Unless extreme care is taken when prompting, it is easy to lead an LLM to produce an inaccurate summary of a text that agrees with the prompt, but misses the gist of the text. Therefore, diff --git a/chapter-conclusion/chapter.tex b/chapter-conclusion/chapter.tex index b971d2e..1ec0194 100644 --- a/chapter-conclusion/chapter.tex +++ b/chapter-conclusion/chapter.tex 
@@ -6,18 +6,19 @@ In this thesis, we propose Inertial Hardware Security Modules (IHSMs), a new approach to physical security that combines conventional tamper-sensing meshes with physical movement to bootstrap a highly secure system from low-security, off-the-shelf parts, solving our first research question introduced in Chapter~\ref{chapter-intro}. To motivate our -research, we show on the German national digital health record system how hardware security is hard to achieve in -practice. Besides some minor cryptographic oddities, our analysis reveals at least one essential specification mistake -that negates the hardware security of the system by unnecessarily introducing a poorly protected HSM. We provide a deep -analyses of two key engineering challenges in IHSM construction, mesh monitoring and power transfer. Solving our second -research question, we propose a low-cost TDR-based mesh monitoring system that exceeds the capabilities of previous -systems from academic or from patent literature. Our system is capable of monitoring large meshes while simultaneously -providing detailed results. Our TDR-based mesh monitoring system is of independent interest, since it can also be -integrated into traditional HSM designs. We additionally propose a new, generalized design for high-frequency PCB -inductors with low parasitic capacitance. Our design provides better bandwidth and lower parasitic capacitance compared -to the state of the art without increasing implementation cost. We conclude this thesis with two chapters elaborating on -two new use cases that are made possible by IHSM technology due to its ability to protect large payloads that have high -power consumption. Together, these results answer our third and final research question. +research, we use the German national digital health record system as an example demonstrating the difficulties in +achieving useful hardware security in practice. 
Besides some minor cryptographic oddities, our analysis reveals at least +one essential specification mistake that negates the hardware security of the system by unnecessarily introducing a +poorly protected HSM. With this motivation in mind, we support the construction of concretely secure IHSMs by providing +deep analyses of two key engineering challenges in IHSM construction, mesh monitoring and power transfer. Solving our +second research question, we propose a low-cost TDR-based mesh monitoring system that exceeds the capabilities of +previous systems from academic or from patent literature. Our system is capable of monitoring large meshes while +simultaneously providing detailed results. Our TDR-based mesh monitoring system is of independent interest, since it can +also be integrated into traditional HSM designs. We additionally propose a new, generalized design for high-frequency +PCB inductors with low parasitic capacitance. Our design provides better bandwidth and lower parasitic capacitance +compared to the state of the art without increasing implementation cost. We conclude this thesis with two chapters +elaborating on two new use cases that are made possible by IHSM technology due to its ability to protect large payloads +that have high power consumption. Together, these results answer our third and final research question. The research presented in this thesis is aimed at advancing both academic research and applied engineering in hardware security. We believe that by publishing our research including its artifacts under open source licenses, we provide the 
@@ -56,6 +57,6 @@ directions that we consider worthwhile for future investigation. weights. \end{itemize} -We will to proceed with future research into IHSM applications. We have published our results up to this point as open +We will proceed with future research into IHSM applications. We have published our results up to this point as open source hardware and software, and we intend to build on these publications. diff --git a/chapter-introduction/chapter.tex b/chapter-introduction/chapter.tex index 2ad3a0f..de85933 100644 --- a/chapter-introduction/chapter.tex +++ b/chapter-introduction/chapter.tex 
@@ -20,17 +20,22 @@ attempts by states and other authorities to insert backdoor access mechanisms in rogawayMoralCharacterCryptographic2015, }. -The aversion of cryptographers against backdoor access shows up everywhere. From cryptographic protocol standards like -TLS, to cryptographic applications like the Signal messenger, backdoor access is not only excluded from the system -design, its possibility is considered a potential vulnerability. Measures such as forward secrecy and post-compromise -security are taken to mitigate its impact. In computing, this design aspect makes cryptographic protocols a unique -holdout. In other parts of the stack, explicit or implicit backdoor access is commonplace, and attempts at preventing it -are rare. For instance, network providers are generally required to comply with so-called \emph{Lawful Interception} -orders on particular customers or traffic types, and datacenter operators commonly provide hardware access to state -authorities. The design decisions in cryptographic protocols generally hold, and the gold standard for backdoor access -to modern systems is either exploiting a \emph{zero-day} flaw that is not yet publically known, or acquiring physical -access to the target system. -\todo{Make sure all figures have nice short titles for list of figures} +While at a glance it might sound like a fringe position held by people from the Cypherpunk and Hacker movements~\cite{ + andersonCypherpunkEthicsRadical2022, + hughesCypherpunksManifesto, + jarvisCryptoWarsFight2020, + marlinspikeWeShouldAll2013}, +it enjoys support far beyond those circles and throughout mainstream academic cryptography. The aversion of +cryptographers against backdoor access shows up everywhere. From cryptographic protocol standards like TLS, to +cryptographic applications like the Signal messenger, backdoor access is not only excluded from the system design, its +possibility is considered a potential vulnerability. 
Measures such as forward secrecy and post-compromise security are +taken to mitigate its impact. In computing, this design aspect makes cryptographic protocols a unique holdout. In other +parts of the stack, explicit or implicit backdoor access is commonplace, and attempts at preventing it are rare. For +instance, network providers are generally required to comply with so-called \emph{Lawful Interception} orders on +particular customers or traffic types, and datacenter operators commonly provide hardware access to state authorities. +The design decisions in cryptographic protocols generally hold, and the gold standard for backdoor access to modern +systems is either exploiting a \emph{zero-day} flaw that is not yet publically known, or acquiring physical access to +the target system. \todo{Make sure all figures have nice short titles for list of figures} \section{Research Questions} 
@@ -71,16 +76,11 @@ businesses. \section{Cryptographic Principles and Physical Reality} -% cypherpunks: andersonCypherpunkEthicsRadical2022 -% cypherpunks: hughesCypherpunksManifesto -% cypherpunks: CryptoWarsFight -% moxie / "we should all have something to hide": marlinspikeWeShouldAll2013 -\todo{Cite cypherpunk and hacker movements} +While anarchists, Cypherpunks and Hackers often reject backdoor access out of political conviction alone, Cryptographers' aversion to backdoor access derives from a combination of two fundamental computing principles: -Kerckhoffs' principle, and the principle of least authority. Kerckhoffs' -principle\footnote{ -\textcite{petitcolasKerckhoffsPrinciplesCryptographie} contains a high-quality OCR'ed copy of the original source, as - well as a translation of the cited part from French. The original source is +Kerckhoffs' principle, and the principle of least authority. Kerckhoffs' principle\footnote{ + \textcite{petitcolasKerckhoffsPrinciplesCryptographie} contains a high-quality OCR'ed copy of the original source, + as well as a translation of the cited part from French. The original source is \textcite{kerckhoffsCryptographieMilitaire1883}. }, named after Dutch military cryptographer Auguste Kerckhoffs, expresses that the security of a cryptographic system should only depend on the secrecy of its keys, not on the secrecy of its design. In this way, Kerckhoff's principle 
@@ -143,19 +143,19 @@ Inertial HSMs are the first fully open source HSM with advanced tamper sensing f Inertial HSMs can be applied to gain resistance to physical attacks in scenarios where conventional HSMs were not used because of cost, computing power or implementation effort. Where conventional HSMs come as fully integrated devices that only expose limited APIs to their users, Inertial HSMs at their core are just an enclosure that the user can put -whatever hardware they need into. Since the simpler tamper-sensing mesh construction of IHSMs scales to larger payload -volumes, entire servers can be protected---something that is impossible with conventional HSMs. Since the mesh in an -IHSM is constantly moving, unlike a mesh in a conventional HSM, it does not have to entirely cover the payload. Instead, -it can have gaps that allow for air flow between outside and inside, enabling active cooling of the IHSM's payload. This -cooling capability sharply increases computing power by increasing feasible payload power dissipation by -two orders of magnitude. +whatever hardware they need into, adapting the tamper response to their application's needs. Since the simpler +tamper-sensing mesh construction of IHSMs scales to larger payload volumes, entire servers can be protected---something +that is impossible with conventional HSMs. Since the mesh in an IHSM is constantly moving, unlike a mesh in a +conventional HSM, it does not have to entirely cover the payload. Instead, it can have gaps that allow for air flow +between outside and inside, enabling active cooling of the IHSM's payload. This cooling capability sharply increases +computing power by increasing feasible payload power dissipation by two orders of magnitude. 
\section{Conclusion} Looking at the practice of applied hardware security, we observe that despite ample availability of commercial solutions promising easy hardware security, clearly there is still a lack of solutions that provide the adaptability necessary for some real use cases at low enough cost. By publishing the tamper-sensing technology we developed during the making of -this thesis as open source hardware designs, we wish to provide this missing building block to provide high-level +this thesis as open source hardware designs, we aim to provide this missing building block to provide high-level hardware security in real-world applications. Our hardware designs can be adapted to a devices ranging from Single-Board Computers (SBCs) to servers, they are compatible with non-computing applications like Quantum Key Distribution (QKD) and their design approaches can even be integrated into existing HSM designs to provide better security at little additional diff --git a/main.bib b/main.bib index a1ae2a7..add468c 100644 --- a/main.bib +++ b/main.bib @@ -1498,12 +1498,6 @@ pagetotal = {384} } -@online{CryptoWarsFight, - title = {Crypto {{Wars}}: {{The}} Fight for Privacy in the Digital Age: {{A}} Political History of Digital Encryption: {{Journal}} of {{Intelligence History}}: {{Vol}} 23 , {{No}} 1 - {{Get Access}}}, - url = {https://www.tandfonline.com/doi/full/10.1080/16161262.2023.2227025}, - urldate = {2025-11-18} -} - @article{cuellarStaticFatigueLifetime1987, title = {Static Fatigue Lifetime of Optical Fibers in Bending}, author = {Cuellar, E. and Roberts, D. and Middleman, L.}, 
@@ -3183,6 +3177,18 @@ langid = {english} } +@book{jarvisCryptoWarsFight2020, + title = {Crypto {{Wars}}: {{The Fight}} for {{Privacy}} in the {{Digital Age}}: {{A Political History}} of {{Digital Encryption}}}, + author = {Jarvis, Craig}, + date = {2020-12-14}, + edition = {1}, + publisher = {CRC Press}, + url = {https://doi.org/10.1201/9781003123675}, + urldate = {2025-11-18}, + abstract = {The crypto wars have raged for half a century. In the 1970s, digital privacy activists prophesied the emergence of an Orwellian State, made possible by computer-mediated mass surveillance. The antidote: digital encryption. The U.S. government warned encryption would not only prevent surveillance of law-abiding citizens, but of criminals, terrorists, and foreign spies, ushering in a rival dystopian future. Both parties fought to defend the citizenry from what they believed the most perilous threats. The government tried to control encryption to preserve its surveillance capabilities; privacy activists armed citizens with cryptographic tools and challenged encryption regulations in the courts. No clear victor has emerged from the crypto wars. Governments have failed to forge a framework to govern the, at times conflicting, civil liberties of privacy and security in the digital age—an age when such liberties have an outsized influence on the citizen–State power balance. Solving this problem is more urgent than ever. Digital privacy will be one of the most important factors in how we architect twenty-first century societies—its management is paramount to our stewardship of democracy for future generations. We must elevate the quality of debate on cryptography, on how we govern security and privacy in our technology-infused world. Failure to end the crypto wars will result in societies sleepwalking into a future where the citizen–State power balance is determined by a twentieth-century status quo unfit for this century, endangering both our privacy and security. 
This book provides a history of the crypto wars, with the hope its chronicling sets a foundation for peace.}, + isbn = {978-1-00-312367-5} +} + @inproceedings{jiangGhostTypeLimitsUsing2024, title = {{{GhostType}}: {{The Limits}} of {{Using Contactless Electromagnetic Interference}} to {{Inject Phantom Keys}} into {{Analog Circuits}} of {{Keyboards}}}, shorttitle = {{{GhostType}}},
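Review bot: in the ai-llm-use-disclosure.tex hunk, the "conventionla" to "conventional" fix is correct, but the changed line and the context lines around it still hyphenate "re-stating" and "mis-represent"; since the change already touches this sentence, consider normalizing them to "restating" and "misrepresent" in the same commit.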
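Review bot: in the chapter-conclusion @@ -6,18 hunk, the rewrapped added lines keep the phrase "previous systems from academic or from patent literature", which reads awkwardly; since the paragraph is being rewritten anyway, suggest "previous systems from the academic and patent literature". The new clause "we support the construction of concretely secure IHSMs by providing deep analyses" introduces "concretely secure" without saying concrete with respect to what; either drop the adverb or tie it to the threat model the paragraph otherwise leaves implicit.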
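Review bot: in the chapter-introduction @@ -20,17 hunk, the new opening sentence "While at a glance it might sound like a fringe position held by people from the Cypherpunk and Hacker movements" has no antecedent for "it": the preceding context line closes a citation about state attempts to insert backdoors, and the position being discussed (the aversion to backdoor access) is only named in the following sentence. Suggest naming the subject up front, e.g. "While at a glance opposition to backdoor access might sound like a fringe position ...". The added line "exploiting a \emph{zero-day} flaw that is not yet publically known" also carries the misspelling "publically" over from the removed line; "publicly" is the standard form. The multi-line \cite{ ... } block with one key per line matches the rogaway citation in the leading context, so the formatting is consistent.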
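Review bot: in the chapter-introduction @@ -71,16 hunk, the added line capitalizes "Cryptographers'" mid-sentence while the same sentence writes "anarchists" in lowercase; capitalizing "Cypherpunks" and "Hackers" as movement names is defensible, but "cryptographers" is a plain noun and should be lowercase. The trailing context line "In this way, Kerckhoff's principle" still spells the name without the final s, inconsistent with "Kerckhoffs' principle" on the added line just above it; worth fixing here since the hunk already touches this passage. Removing the four "% cypherpunks" comment lines together with the \todo is fine, given that the keys they listed (andersonCypherpunkEthicsRadical2022, hughesCypherpunksManifesto, marlinspikeWeShouldAll2013, and jarvisCryptoWarsFight2020 in place of CryptoWarsFight) are now cited in the earlier hunk.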
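Review bot: in the chapter-introduction @@ -143,19 hunk, the second change yields "we aim to provide this missing building block to provide high-level hardware security", using "provide" twice in one clause; suggest "we aim to supply this missing building block for high-level hardware security". The trailing context line "Our hardware designs can be adapted to a devices ranging from" has a stray article ("a devices") that could be fixed in the same commit. In the first change, the sentence ending "by two orders of magnitude" states a quantitative claim in the introduction without a \ref to the chapter where the payload power-dissipation figure is derived; a cross-reference would let the reader check it.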
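Review bot: in the main.bib @@ -1498,12 hunk, the @online{CryptoWarsFight} entry is deleted; the only visible use of that key was the "% cypherpunks: CryptoWarsFight" comment removed in the chapter-introduction @@ -71,16 hunk, and the new citation uses jarvisCryptoWarsFight2020, but please grep the other chapters for \cite{CryptoWarsFight} before merging, since a dangling key only surfaces as a biber warning and an empty citation in the rendered PDF.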
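Review bot: in the main.bib @@ -3183,6 hunk, the new @book{jarvisCryptoWarsFight2020} entry puts the DOI into the url field (https://doi.org/10.1201/9781003123675) together with a urldate; for a published book, biblatex's doi field (doi = {10.1201/9781003123675}) renders as a proper DOI link, and urldate carries no information for a DOI. The abstract field is several hundred words that no bibliography style prints; dropping it keeps main.bib readable and diffable. The title's word-by-word bracing ({{The Fight}} for {{Privacy}} in the {{Digital Age}}, ...) looks like exporter output; a single outer brace pair around the title is enough to preserve the capitalization.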