At 10:32 AM -0700 9/13/99, Eugene Leitl wrote:
>Why don't you just erase flash when a pressure change (hull breach) is
>detected. Using double-walled hull, to look for shortcuts. You can
>also couple this to light detection, and whatnot.
>
>Andreas Bogk writes:
> > Russell Nelson <[EMAIL PROTECTED]> writes:
> >
> > > > There's some question about how hard it will be to design
> > > > hardware that will be DPA-resistant for different
> > > > algorithms.
> > > Big on-chip caps. Lithium batteries. Tamper-resistant housings.
>[...]
A sophisticated attacker could measure the pressure in each
compartment and work in a pressurized, darkened room.
One thought I had is to include a circuit on chip (perhaps duplicated
in several places) that would monitor on-chip supply voltage and keep
the program from executing sensitive code for some period if dV/dt
were too high. If the cap or Li battery were disconnected, the
circuit would see continuous fluctuations and shut the processor
down. A accidental power glitch would only cause a short delay in
execution.
If an attacker can get to the chip and disable these power monitor
circuits, he can probably also put a logic analyzer on the memory
lines and extract the key that way.
Arnold Reinhold
