hsm survey WIP
This commit is contained in:
jaseg
parent
1e8270a5f7
commit
7c23a055f3
2 changed files with 32 additions and 5 deletions
|
|
@ -112,9 +112,29 @@ cloning. This device will also be analyzed later in this chapter.
|
|||
|
||||
\section{The Principles of Tamper-Sensing Mesh Construction and Monitoring}
|
||||
|
||||
\subsection{Security Mesh Manufacturing}
|
||||
\subsection{Tamper-sensing Mesh Manufacturing}
|
||||
|
||||
\subsection{Security Mesh Monitoring}
|
||||
The manufacturing technology of a tamper sensing mesh is a critical factor in its security. While in many applications,
|
||||
meshes manufactured from off-the-shelf processes such as Flexible Printed Circuit (FPC) processes are used, these
|
||||
processes tend to be optimzed to maximize the robustness of the produced circuits to mechanical stress. In contrast, the
|
||||
ideal tamper-sensing mesh is exactly as robust as it needs to be not to be destroyed accidentially during normal
|
||||
handling, but should not be more robust than that. As a result, more secure meshes tend to be manufactured in bespoke
|
||||
manufacturing processes.
|
||||
% FIXME cite Immler et al
|
||||
|
||||
One more widely cited tamper-sensing mesh implementation is a commercial product developed by IBM in collaboration with
|
||||
chemical company W.\ L.\ Gore \& Asscociates Inc.\ and used in IBM's datacenter HSM products up to approximately 2020.
|
||||
% FIXME mention that Immler et al. cite them
|
||||
This mesh design uses a stack of multiple layers of a clear, flexible plastic substrate on which carbon-based traces are
|
||||
printed. Vias, i.e. contacts between layers, are made by laser cutting small holes into the substrate before the traces
|
||||
are printed. The flexible circuit layers are joined with a opaque black, stretchy glue and after installation embedded
|
||||
in an elastic opaque resin. The plastic substrate foil is thinner and significantly less resistant to tearing than
|
||||
plastic substrates commonly used in the electronics industry for applications like key pads and circuit boards, which
|
||||
improves its security against tampering. Furthermore, both the glue fusing the foil layers together and the resin the
|
||||
mesh is embedded inside after installation are clearly co-designed with the carbon trace material such that the trace
|
||||
material adheres well to both, leading to the traces being destroyed when either are peeled off.
|
||||
|
||||
\subsection{Tamper-sensing Mesh Monitoring}
|
||||
|
||||
\subsection{Other Tamper Sensing Techniques}
|
||||
|
||||
|
|
@ -122,7 +142,14 @@ cloning. This device will also be analyzed later in this chapter.
|
|||
|
||||
\subsection{The Patent Landscape}
|
||||
|
||||
Tamper-sensing meshes can be implemented
|
||||
Tamper-sensing meshes can be implemented in many different ways. Their design offers various degrees of freedom from the
|
||||
precise conductor layout, through the manufacturing technology of the mesh and how it is wrapped around the payload
|
||||
during manufacturing up to its monitoring circuitry. As a result, manufacturers across application domains from
|
||||
datacenter appliance HSMs through card payment terminals and including niche applications like mail franking machines
|
||||
have historically used patents on parts of their tamper-sensing mesh implementations as a means to prevent copying of
|
||||
their designs. While most original tamper sensing mesh implementations are covered by at least one patent, we want to
|
||||
highlight IBM for dwarfing the efforts of most other companies and fielding industry's widest portfolio of related
|
||||
patents.
|
||||
|
||||
\section{A Survey of Meshes in the Wild}
|
||||
|
||||
|
|
@ -208,7 +235,7 @@ cases.
|
|||
\subsubsection{Other miscellaneous devices}
|
||||
|
||||
Sometimes, tamper-sensing meshes show up in other types of devices. We acquired two such devices. First, we acquired a
|
||||
Neopost franking machine, a type of device that is used to directly print a code on an envelope that replaces a
|
||||
Neopost mail franking machine, a type of device that is used to directly print a code on an envelope that replaces a
|
||||
conventional postage stamp.
|
||||
|
||||
\section{Conclusion}
|
||||
|
|
|
|||
|
|
@ -190,7 +190,7 @@ In this thesis, we use the terms \emph{Tamper-Sensing Mesh} and \emph{Security M
|
|||
refer to any electrical circuit whose path is laid out to cover a surface with the intent of detecting attempts at
|
||||
drilling, cutting or otherwise manipulating this surface. While the term \emph{Security Mesh} is more concise, it is
|
||||
less clear to people unfamiliar with the matter. It is also polysemous, and depending on context can also refer to woven
|
||||
or stamped metal meshes used as fences or as screens in front of windows to prevent break-in. As a result, it is harder
|
||||
or stamped metal meshes used as fences or as screens in front of windows to prevent break-ins. As a result, it is harder
|
||||
to use in online searches, and when using Large Language Models (LLMs), it frequently leads to amusing hallucinations.
|
||||
|
||||
%In the early days of mass-market computing, the expectations towards this new tool were high. Even before people
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue