-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Aloha!
Richard Lamb wrote: > Pardon me if this has already been discussed but in my own > commercial HSM development efforts I have ran across a relatively > simple but effective protection against attempts to discern memory > states using low dose gamma rays such as those from a lab Co-60 > source. Simply inverting the bits of the MKM every tenth of a second > or so may be effective. Even with X,gamma, etc detectors built into > my HSM, distinction between high dose and low dose is a difficult > task given unknown deployment environments. Hence this suggestion. > > Again, I apologize if this has been discussed already. Very interesting, thank you for sharing this info with us. We have discussed methods for mitigating different remanence and leakage problems with the MKM. But we have not gone into much specifics as of yet. Moving info around, rotating bits and bit flipping are things we have talked about as possible methods. Your input shows that there are issues but also ways of mitigating them. the mkmif block in the FPGA could in a future version (post Berlin) get this functionality. The AVR tamper CPU could also be responsible for this functionality. Right now we don't do anything in neither regarding these issues. - -- Med vänlig hälsning, Yours Joachim Strömbergson - Alltid i harmonisk svängning. ======================================================================== Joachim Strömbergson Secworks AB joac...@secworks.se ======================================================================== -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBCAAGBQJXc9fBAAoJEF3cfFQkIuyNiNgQAKws7+MsrVuldM81GwEHcf+x sg/Nw578I3nRiqVt2B/kkFXs8yheWM+DU4HjvCl6UsSmOUkLkVvfEHfaDiGLbO0o lSaEs2foNNDeWctw7/5r8H2cQGvHK7tsNQWVpU3yQVJFHvO2qmxX9M2Q5gWY29/h 7b/rNsdHje0k8Yuizu8E+eXAuRuoMjPGVChk0dXQm3mZUWjnszKJ9szf/gXNKdxt T9osmE1OBAfKJOBZJBfbXFAvBqTW+9l6kljiItM3BxpNw6y1pwDzCq5PCqki+5V4 dMnN5s6q0sgu2uAehoybJv//Nn3yvUBisrxStlM9iq1W92mJwXKJg0m91BWWLiFS v9Ke+sDm/1YIaQcspPPf1np9DoI/raMULAMQNOjQgldEiAo6R8eFQNtfyYOP9PHz L0n0/Zvu4yx3ZddFCZwPtLb6IivQHFngiHe5WFPd9Hkfd+CZnp3ioiPmFY5e3QmC n+d0TOfPf2zbScvVLlfTNfXdzuBngje/u2wgld08nXdv4JMaCIbsDrTlTbjiBn1t unb92SSfMVVlhZ90F3HbXHlUlDNE9OWspGmFgvCBFoirD/qekBpWrhd0zoFQyBqZ MvotrZ7sdVNR/m9jPZ7kmK+2AaYXJxVHxF6zSJySFt1YQzape4y2xGCdRE+HGMeF YEFx2rXmxqwDRcxCTXw+ =GfSp -----END PGP SIGNATURE----- _______________________________________________ Tech mailing list Tech@cryptech.is https://lists.cryptech.is/listinfo/tech
