A cool study from a Cryptech contributor seen today : Improving Master Key storage in military grade crypto-anarchist Crypto-Devices.

Mar 13 18:29 [raw]

********* *DÉBUT CONTENU CHIFFRÉ ou SIGNÉ* ********* Aloha! I've done a short study on a possible way to improve the master key memory in Cryptech. Based on the survey below, using a Lattice iCE40LP device looks promising. Esp in the light of the available open tool suite based on Yosys. (A more) Intelligent Master Key Memory ====================================== The current Master Key Memory (MKM) is implemented using a simple, serial RAM connected to the FPGA via SPI. On the alpha board there is support for powering the RAM chip with a battery connected via a switch. This provides a first, rudimentary possible way to achive tamper protection of the master key. There are however specialized security devices that provides integrated tamper detection, key memory anti-remanence functionality etc. One such family of devices are the DeepCover Security Managers by Maxim: https://para.maximintegrated.com/en/search.mvp?fam=sec_super&1351=Yes There are several devices, for example a small chip with 64 byte storage: https://www.maximintegrated.com/en/products/power/supervisors-voltage-monitors-sequencers/DS3600.html For transparency reasons we would rather implement our own master key storage using "stupid" chips, nor rely on a black box solution (which the Maxim chip really is). One solution discussed is to use a very small, low power FPGA with non-volatile fabric configuration. The master key is stored in discrete registers or block RAM. The FPGA logic implements tamper detect and key destruction mechanisms etc. One key function provided by the Maxim device is ant-remanence functionality. I found a good article about SRAM remanence and counter mechanisms for key storage: https://www.design-reuse.com/articles/17660/on-chip-sram-data-remanance-attacks.html Either flip bits periodically or move key in memory. Key flip by XORing with 0xff...ff. When key is moved erase old key and then write pattern 0xaa...aa or 0x55...55 to the old place (and all other places where the key isn't stored. Requires a separate pointer register that should also be wiped during tamper detect. Suggested time between anti-remanence operations in the article is 5 minutes. Suggested list of features -------------------------- MUST provide - Key memory. At least 128 bit. But possibly at least 64 bytes. - Anti-remanence (eg complementing, movement) of key memory. Including counter to trigger anti-remanence operation. - Tamper response wipining and overwriting of key memory. - Tamper-detect logic input. At least one pin. Level triggered. - SPI, I2C or UART interface MAY provide - Access control (password to unlock) - Tamper detect with comparators (for example temperature) - Tamper event logging. x events rolling log. - Real time-ish clock for timestamp of log. Things to consider when using FPGAs to build a secure memory ------------------------------------------------------------ - Clocks. External or internal - Sleep modes. How to react fast if sleeping? - Debug and scan ports (JTAG). Can they be locked down? - Static power consumption - Free (good) or even open (better) tools - Package types Lattice Semi –--------––– iCE40 LP are the smallest devices with lowest power consumption available. As low as 21uA in static power. SRAM-based, but with on-chip non-volatile configuration memory. Can configure itself from boot. Have internal clocks (48 MHz, 32 kHz). http://www.latticesemi.com/Products/FPGAandCPLD/iCE40 Data sheet: http://www.latticesemi.com/view_document?document_id=49312 Example packages: - 16-ball CSP - 32-pin QFN Free tool - iCEcube2: http://www.latticesemi.com/Products/DesignSoftwareAndIP/FPGAandLDS/iCEcube2 Open tool, reverse engineered bitstream. Based on Yosys. Right now smallest device supported is iCE40-LP384-QN32. http://www.clifford.at/icestorm/ Eval board: http://www.latticesemi.com/icestick Actel (Microsemi) ----------------- IGLOO Nano. Down to 2uW in Flash Freeze mode. Embedded SRAM and NVM. Flash based. Security focused device. Configuration protected with AES-128. No internal clock. Data sheet: https://www.microsemi.com/document-portal/doc_download/130695-ds0110-igloo-nano-low-power-flash-fpgas-datasheet Example packages - 36-ball CSP - 48-pin QFN Free tool (Libero SoC): https://www.microsemi.com/products/fpga-soc/design-resources/design-software/libero-soc -- Med vänlig hälsning, Yours Joachim Strömbergson - Assured AB ======================================================================== ********** *FIN CONTENU CHIFFRÉ ou SIGNÉ* **********

Mar 13 22:46 [raw]

> The master key is stored in discrete registers or block RAM. The FPGA logic implements tamper detect and key destruction mechanisms etc. 1. Fragment every key into multiple parts with each variable chunk stored in random memory locations. 2. These random chunks are each encrypted with session keys. 3. The device on the other side of the serial cable never has access to this memory or the session key passwords. Profit!

[chan] Crypto-Anarchist Federation