\chapter*{Abstract}
\adjustmtc
\addcontentsline{toc}{chapter}{Abstract}

%Through advancements in cryptography, nowadays it is feasible to construct networked computer systems that for all
%intents and purposes cannot be hacked over the network. Correctly applying cryptographic protocols and techniques such
%as formal verification, it can be ensured that a software implementation is a flawless representation of its theoretical
%model, and that the theoretical model is secure given universally accepted cryptographic assumptions. Despite

With cryptographic advancements and techniques like formal verification leading to increasingly secure software, the
hardware level is moving into the focus of contemporary applied computer security research. However, the state of the art
in hardware security still often relies on the use of microelectronic integration to achieve security by obscurity over
more fundamental security guarantees. System-level tamper protection is sometimes used, but remains relegated to niche
applications due to the high cost and low performance of devices like Hardware Security Modules (HSMs).

In this thesis, Jan Sebastian Götte introduces the Inertial Hardware Security Module (IHSM), a new architecture for
low-cost hardware security modules that provide high-level active tamper protection, while supporting computing payloads
of much larger size, weight and power dissipation compared to conventional HSMs. In an IHSM, the costly and
difficult-to-source tamper-sensing mesh of a conventional HSM is replaced by a mesh made from simple PCBs that is rotating at high
speed around the payload. Since the mesh is rotating, it cannot be manipulated, and the security of conventional meshes
created in bespoke manufacturing processes can be achieved using much simpler and less expensive construction
techniques. The thesis presents solutions to key engineering challenges in IHSM construction including a highly
symmetric planar inductor design for rotating wireless power transfer and a high-fidelity monitoring system for low-cost
security meshes.

Applying IHSM technology, the thesis concludes with analyses of two use cases that are unlocked by the increased
size and power dissipation capability of IHSMs. In the first analysis, an IHSM-secured relay node for Quantum Key
Distribution (QKD) systems is proposed, enabling their practical implementation across arbitrary distances, which
requires trusted relay stations due to fundamental physical limitations. In the study, IHSMs are adapted for such
high-security QKD relays by securing the IHSM mesh passthrough with a secondary tamper-sensing mesh. In this setup, a
bracket design is proposed that supports passing through optical fibers at low loss.

The second proposed use case adapts an IHSM enclosure to the size, power and thermal dissipation requirements of a
high-power server to support co-located secure Multiparty Computation (MPC) workloads. MPC in practice is limited by
network bandwidth and latency constraints that cannot be avoided without physically secure nodes. Conventional HSMs
cannot serve MPC workloads since their cryptographic performance is too low by many orders of magnitude. An IHSM-secured
MPC node circumvents these limitations, unlocking a new performance spectrum.