Introduction to physical tamper-resistant devices
Building a secure computer system is not only a matter of design and of anticipating possible faults and security breaches; it is also important to engineer the software carefully and to harden its internal implementation with software-engineering techniques such as encapsulation, which limits the exposure of code to external classes and objects.
Even so, this is not enough: developers should keep an eye on the software after its deployment by monitoring its behaviour. Monitoring serves different purposes; it helps with performance review, but its most important application is protecting the system and fixing security breaches.
As Brian Gladman puts it, in the epigraph quoted by Anderson: "It is relatively easy to build an encryption system that is secure if it
is working as intended and is used correctly but it is still very hard to build a system that does not compromise its security in situations in which it is either misused or one or more of its sub-components fails" (Gladman, quoted in Anderson, 2001).
Tamper resistance is a security property that can be applied to many areas and is not restricted to computing or the digital domain. An anti-tamper device combines tamper resistance, tamper evidence, tamper detection and tamper response (Rannenberg et al., 2010).
An example of a tamper-resistant device is the IBM 4758 cryptographic coprocessor, which was validated at the highest level of tamper resistance (FIPS 140-1 Level 4).
Fig 1: IBM 4758 cryptographic coprocessor
1- List of the different types of physical tamper-resistant devices and their characteristics
Three types of physical tamper-resistant devices can be distinguished:
a. High end devices
Like the IBM 4758, these devices are powerful cryptographic systems surrounded by a tamper-sensing mesh. Whenever a tampering attempt is detected through the mesh, the device permanently erases (zeroizes) its key material, leaving it unreadable and unrecoverable.
b. Low end devices
These devices contain only a symmetric-key cryptosystem and are in general protected against unauthorised reads; the protection mechanisms are rudimentary. Cheap microcontrollers are a typical example.
c. Mid range devices
Single-chip products designed to withstand a range of physical attacks. Common examples are smart cards and TPM chips (Buttyán, 2008).
Comparing the three types, the high-end devices provide the strongest mechanism thanks to the mesh: on detection the device erases its key material and becomes useless, and no rollback or recovery measure can restore it or its data. This is an extreme protection approach, and I can imagine its use for very sensitive equipment; military and nuclear systems might, where necessary, apply such protection to their most critical components. The low-end devices offer only symmetric-key cryptography and protection against unauthorised reads; this will certainly not stop skilled and persistent attackers, who will find a way around it. The mid-range devices are suited to small chips and smart cards, which makes them hard to crack, and their security model is designed as a wall against physical attacks.
The differences and application fields of each type show that each is designed to provide a specific protection mechanism. The ideal would be to combine two or all three of them in one very secure and protected device. Is that feasible? I think it can be done: combining in the same device a sensing mesh to block any physical attempt to reach the inner implementation, together with a symmetric-key cryptosystem ensuring that data is readable only by authorised users, and finally a dedicated chip for the most critical part of the design.
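The tamper-response behaviour of the high-end class described above (sense a mesh breach, zeroize the key material, leave the device unusable) can be sketched in firmware-style C. This is an added example, not code from the page, from IBM or from any cited author: the resistance window, the sample values and the struct layout are constructed assumptions, and a real module would read the mesh from hardware and hold its keys in battery-backed SRAM rather than in a struct.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define KEY_LEN 32

/* Assumed resistance window (ohms) for an intact mesh. A cut trace reads
 * open (very high); a bridged or probed trace reads low. Constructed values. */
#define MESH_R_MIN 980
#define MESH_R_MAX 1020

enum dev_state { DEV_OPERATIONAL = 0, DEV_TAMPERED = 1 };

struct secure_module {
    uint8_t key[KEY_LEN];      /* key material, modelled as battery-backed SRAM */
    enum dev_state state;      /* latched once tampering is detected */
    unsigned tamper_events;    /* number of responses fired, for the audit log */
};

void module_init(struct secure_module *m, const uint8_t key[KEY_LEN]) {
    memcpy(m->key, key, KEY_LEN);
    m->state = DEV_OPERATIONAL;
    m->tamper_events = 0;
}

/* Zeroization through a volatile pointer so the compiler cannot drop the
 * stores as dead (the buffer is never read again by the program). */
static void zeroize(void *p, size_t n) {
    volatile uint8_t *vp = (volatile uint8_t *)p;
    while (n--) *vp++ = 0;
}

/* Tamper detection: one sample outside the window is treated as an attack.
 * No debounce: a false negative costs the key, a false positive only costs
 * a replaceable device. */
int mesh_intact(int ohms) {
    return ohms >= MESH_R_MIN && ohms <= MESH_R_MAX;
}

/* Tamper response: destroy the key before anything else, then latch. */
static void tamper_response(struct secure_module *m) {
    zeroize(m->key, sizeof m->key);
    m->state = DEV_TAMPERED;
    m->tamper_events++;
}

/* Monitoring loop over a batch of mesh samples; returns the resulting state. */
enum dev_state monitor_mesh(struct secure_module *m, const int *samples, size_t n) {
    for (size_t i = 0; i < n; i++) {
        if (!mesh_intact(samples[i])) {
            tamper_response(m);
            break;               /* key is gone; nothing left to protect */
        }
    }
    return m->state;
}

/* Every key use is gated on the latched state, so a tampered device refuses
 * service even if the attacker later restores a normal mesh reading. */
int module_use_key(const struct secure_module *m, uint8_t out[KEY_LEN]) {
    if (m->state != DEV_OPERATIONAL) return -1;
    memcpy(out, m->key, KEY_LEN);
    return 0;
}

/* Returns 1 if every key byte is zero (used to confirm the response). */
int key_is_zero(const struct secure_module *m) {
    uint8_t acc = 0;
    for (size_t i = 0; i < KEY_LEN; i++) acc |= m->key[i];
    return acc == 0;
}

int main(void) {
    struct secure_module m;
    uint8_t key[KEY_LEN];
    memset(key, 0xA5, sizeof key);                 /* constructed test key */
    module_init(&m, key);

    const int normal[] = {1000, 1003, 997, 1001};  /* intact mesh */
    const int probed[] = {1000, 999, 12, 1000};    /* trace bridged by a probe */

    enum dev_state s = monitor_mesh(&m, normal, 4);
    printf("normal samples -> state %d, key zeroed: %d\n", s, key_is_zero(&m));
    s = monitor_mesh(&m, probed, 4);
    printf("probed samples -> state %d, key zeroed: %d\n", s, key_is_zero(&m));

    uint8_t out[KEY_LEN];
    printf("key use after tamper returns %d\n", module_use_key(&m, out));
    return 0;
}
```

Two details matter in practice. The zeroization goes through a volatile pointer because an optimizing compiler is otherwise entitled to delete a memset on memory that is never read afterwards, which would leave the key in SRAM exactly when it must not be. And the tampered state is latched and checked on every key use rather than re-derived from the mesh, so re-closing the mesh after a probe does not bring the device back.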
Reviewing the different techniques and security mechanisms addressed this week is interesting. The protection of devices or software should not focus only on the design and pre-deployment phase; we should also think about deployment and the fact that the device will be in the hands of potential attackers. Techniques exist to protect both software and devices. For software we can use code obfuscation, PKI or even ID-based cryptosystems (for ID-based authentication and authorization), whereas for devices we should use one or a combination of tamper-resistance methods.
– Ross Anderson (2001). Physical Tamper Resistance (chapter 14, opening with a quotation from Brian Gladman). Security Engineering: A Guide to Building Dependable Distributed Systems. Wiley. Available at: http://www.cl.cam.ac.uk/~rja14/Papers/SE-14.pdf
– Kai Rannenberg, Vijay Varadharajan, Christian Weber (2010). Security and Privacy – Silver Linings in the Cloud: 25th IFIP TC 11 International Information Security Conference, SEC 2010, Held as Part of WCC 2010, Brisbane, Australia, September 20-23, 2010, Proceedings. Springer, ISBN: 3642152562.
– Levente Buttyán (2008). Tamper resistant devices. Laboratory of Cryptography and System Security (CrySyS), Budapest University of Technology and Economics. Available at: http://www.hit.bme.hu/~buttyan/courses/BMEVIHIM219/2009/slideset-hsm.pdf