Hi all I met with Richard Lamb in Berlin, and in an interesting discussion about the tamper subsystem he raised a couple of questions I think are relevant for the list.
1) How fast are we erasing the master key from the volatile memory after a tamper event? Richard thought maybe the ATtiny would be too slow. The answer is that we can do it in just under 4ms plus a (short) sleep wake-up time. I tweaked the tamper code to use SPI at f/4 speed, and not erase the whole memory but just the first 256 bits (key) + 32 bits status and timed it with my logic analyzer. Picture attached. This is with busy-waiting for the PANIC button signal. 2) Is it best to have a separate MKM memory like we do today, or to instead put the MKM in the volatile memory of the tamper MCU? What reasoning is there really to have a separate memory? A memory chip is probably a little bit faster in reacting to read requests, but to me it seems much more difficult to shuffle the key around in memory (to prevent imprinting) if it is a separate memory. 3) Richard also suggests using the PCF2127AT real-time clock instead of our current MCP79412. The point as I understood it was that the PFC2127AT should stay reasonably in sync over 10 years. /Fredrik
_______________________________________________ Tech mailing list Tech@cryptech.is https://lists.cryptech.is/listinfo/tech
