1copyright © 2005 infogard laboratories proprietary nist cmvp physical security conference physical...
TRANSCRIPT
Copyright © 2005 InfoGard Laboratories Proprietary 1
NIST CMVP Physical Security Conference
Physical Security Protections
September 25, 2005
Copyright © 2005 InfoGard Laboratories Proprietary 2
Agenda
• Introduction– Physical Security Considerations
– Attack Considerations
• Commonly Used Physical Security Protections– Multi-Chip Embodiments
– Attack Challenges
– Attack Tools and Methods
• Conclusion
Copyright © 2005 InfoGard Laboratories Proprietary 3
Physical Security Considerations
• Module Physical Security Considerations:– Protection features are dependant on:
• Sensitivity of the information it is protecting• Deployment environment
– FIPS 140-2 Level 1 & 2:• The dependability of cryptographic modules is reliant upon all of the
elements and the interactions of the physical security system.
– FIPS 140-2 Levels 3 & 4• Highly sensitive, but no classified, information• As the deployment environment becomes more hostile, the integrity of
the module relies heavily on the detection and possible prevention of unauthorized physical access.
Copyright © 2005 InfoGard Laboratories Proprietary 4
Attack Considerations
• The physical security characteristics and mechanisms integrated in cryptographic modules (security or cryptographic) are an independent component that should effectively protect against potential penetration attacks deemed reasonable and appropriate for their given deployment environment.
– The components that devise the physical security system must work The components that devise the physical security system must work together in unison and be of comparable strength.together in unison and be of comparable strength.
– If any component of the system is weak or works ineffectively with If any component of the system is weak or works ineffectively with any of the other components, then that component has the potential any of the other components, then that component has the potential of causing an overall physical security system weakness.of causing an overall physical security system weakness.
• Attackers typically research and investigate these system Attackers typically research and investigate these system weaknesses and tailor an exploit to take advantage of this weaknesses and tailor an exploit to take advantage of this vulnerability to compromise cryptographic module.vulnerability to compromise cryptographic module.
Copyright © 2005 InfoGard Laboratories Proprietary 5
Physical Security Protection
• Three commonly used physical security protections:– Potting Encapsulation– Enclosure with tamper switches– Enclosure with tamper wrapper
Copyright © 2005 InfoGard Laboratories Proprietary 6
General Attack Challenges
• Visibility– Structure of the module and functionality
• Accessibility– Highest probability areas to initiate compromising
vulnerabilities
• Ability– Knowledge of physics, electronics, and material properties– Experience to utilize the optimum tools, supplies, and
resources at the appropriate time
Copyright © 2005 InfoGard Laboratories Proprietary 7
Potting Encapsulation
• Completely surrounds the cryptographic boundary
• Requirements for compliance– Opacity (or inability to see
through the potting material);
– Visible tamper evidence if removed;
– Sufficiently “hard” after properly cured
• Only sufficient to meet level 3
Copyright © 2005 InfoGard Laboratories Proprietary 8
Potting Encapsulation Attacks
• Potting encapsulations are typically compromised with Heat or Solvents without causing damage to the underlying circuitry
• Mechanical methods may also be effective
Type Tools Approach
Potting Encapsulation
1. Heat Gun
2. Soldering Iron
3. Household cleaners
4. Dremel
• Apply heat above thresholds in data sheet
• Submerge or brush on solvent. Usually takes approximately 4 hours to see compromise
• Mill away at material but care must be taken when near the components
Note: These attack methods are only applicable for Level 4 modules
Copyright © 2005 InfoGard Laboratories Proprietary 9
Enclosures and Tamper Switches
• Tamper switches are the most common mechanisms used to protect modules with metallic and/or plastic enclosures
– Tamper switches prevent unauthorized access by detecting an opening of the module’s cover and/or doors
– Upon detection, the module responds by zeroizing all plaintext critical security parameters
– Zeroization leaves the module and its information virtually without value
Copyright © 2005 InfoGard Laboratories Proprietary 10
Enclosures and Tamper Switches
• Variety of Tamper Switches (sample of most common)
– Micro-switches are the most basic switch. These types of switches are engaged when the module’s enclosure (covers and/or doors) are closed and force is applied. When the enclosure is opened, the switch releases, which in turn causes a tamper event.
– Pressure contacts function in a similar manner as the micro-switch. With this approach, there are typically two conductive pads designed on a PCB board (rather than a separate component). When the module’s covers/doors are closed, the two pads become shorted typically by a conductive membrane (commonly seen in keypads). When the enclosure is opened, the conductive membrane no longer provides the conductive link between the two pads, creating an open circuit, and causing the module to respond with a tamper event.
– Reed switches respond to the polarity of a magnetic source in close proximity. Typically, the module’s enclosure is fixed with a magnet to engage a reed switch, which is mounted on the module’s PCB. When the enclosure is opened, the magnetic source moves further apart from the reed switch, eventually causing a tamper event.
Copyright © 2005 InfoGard Laboratories Proprietary 11
Type of Switch Tools Approach
Micro-switch 1. Custom tool
2. Glue
Utilizing a custom tool to hold the switch down as the enclosure is opened, applying glue to the actuator of the switch to keep it engaged, and filling the whole chassis with a material that would keep the switch engaged
Pressure contacts
1. Needle
2. Ink
Gain access to the contacts and apply conductive ink, shorting the contacts pads, and making the device believe that the conductive membranes were never released
Reed Switch 1. Magnet Introduce a strong magnetic force directly over the location of the reed switch prior to opening the enclosure; avoiding the introduction of the internal magnet with opposite polarity
Enclosures and Tamper Switch Attacks
• Tamper switches are extremely easy to defeat. – Challenge largely depends on whether or not the objective is to limit
or have no visible evidence of tamper.
Note: The testing limitations (e.g., no drilling, milling, grinding, or dissolving) for FIPS 140-2 Level 3 make tamper switches an acceptable solution. However, the testing limitations are removed on FIPS 140-2 Level 4, so in order to achieve compliance would require additional security features
Copyright © 2005 InfoGard Laboratories Proprietary 12
Enclosures and Tamper Wrappers
• A tamper wrapper is a flexible film that has conductive traces on it, used to fully enclose the cryptographic module
• Depending on the material and the characteristics a tamper wrapper can also protect against a variety of other attacks, including:chemicals, heat, cutting, grinding, and drilling
ProtectiveLayer
SerpentineLayer
Insulation Layer
Conductive DrillPlate Layer
Substrate
Copyright © 2005 InfoGard Laboratories Proprietary 13
Enclosures and Tamper Wrappers
• Strength Differentiators: – Number of tamper layers within the
film;– Width and distance between traces;– Visibility of the traces;– Trace material– Folding/wrapping methodology
• Two commonly deployed tamper wrappers
– Copper - relatively durable against mechanical, chemical, and high temperature based attacks
– Conductive Ink – more sensitive then copper based solutions
• Tamper wrappers that exhibit high impedance characteristics are typically harder to defeat because of their ability to monitor a change in voltage potential when attacked
ProtectiveLayer
SerpentineLayer
Insulation Layer
Conductive DrillPlate Layer
Substrate
Copyright © 2005 InfoGard Laboratories Proprietary 14
Enclosures and Tamper Wrapper Attacks
Visibility & Accessibility: – Mechanical tools– Chemical exposure– Abrasives– Electrical blasters– Heat exposure– X-Ray– Statically charge the conductive
traces– Heat dissipation
Type Tools Approach
Copper 1. Soldering Iron • Once the traces are accessible, they are also relatively easy to bypass, either by unwrapping the tamper wrapper or by penetrating the wrapper after shorting traces
Conductive Ink
1. Conductive Material
• Same as above
Copyright © 2005 InfoGard Laboratories Proprietary 15
Physical Security ProtectionsConclusion
• Physical attacks are possible
• Tools available at hardware and hobby stores– Less than $100 USD
• FIPS 140-3 Considerations:– Decrease laboratory testing
limitations at Level 3