summaryrefslogtreecommitdiff
path: root/posts/ihsm-worlds-first-diy-hsm/index.html
diff options
context:
space:
mode:
Diffstat (limited to 'posts/ihsm-worlds-first-diy-hsm/index.html')
-rw-r--r--posts/ihsm-worlds-first-diy-hsm/index.html119
1 files changed, 0 insertions, 119 deletions
diff --git a/posts/ihsm-worlds-first-diy-hsm/index.html b/posts/ihsm-worlds-first-diy-hsm/index.html
deleted file mode 100644
index 875f10e..0000000
--- a/posts/ihsm-worlds-first-diy-hsm/index.html
+++ /dev/null
@@ -1,119 +0,0 @@
-<!DOCTYPE html>
-<html lang="en-us">
- <head>
- <meta charset="utf-8">
- <meta name="viewport" content="width=device-width, initial-scale=1">
- <title>New Paper on Inertial Hardware Security Modules | blog.jaseg.de</title>
- <link rel="stylesheet" href="/css/style.css" />
- <link rel="stylesheet" href="/css/fonts.css" />
-
- <header>
- <nav>
- <ul>
-
-
- <li class="pull-left ">
- <a href="https://blog.jaseg.de/">/home/blog.jaseg.de</a>
- </li>
-
-
-
-
- </ul>
- </nav>
-</header>
-
- </head>
-
- <body>
- <br/>
-
-<div class="article-meta">
-<h1><span class="title">New Paper on Inertial Hardware Security Modules</span></h1>
-
-<h2 class="date">2021/11/23</h2>
-<p class="terms">
-
-
-
-
-
-</p>
-</div>
-
-
-
-<main>
-<div class="document" id="world-s-first-diy-hsm">
-<h1 class="title">World's First DIY HSM</h1>
-
-<p>Last week, Prof. Dr. Björn Scheuermann and I have <a class="reference external" href="https://tches.iacr.org/index.php/TCHES/article/view/9290">published our first joint paper on Hardware Security Modules</a>. In our paper, we introduce Inertial Hardware Security
-Modules (IHSMs), a new way of building high-security HSMs from basic components. I think the technology we demonstrate
-in our paper might allow some neat applications where some civil organization deploys a service that no one, not even
-they themselves, can snoop on. Anyone can built an IHSM without needing any fancy equipment, which makes me optimistic
-that maybe the ideas of the <a class="reference external" href="https://www.activism.net/cypherpunk/manifesto.html">Cypherpunk movement</a> aren't obsolete
-after all, despite even the word &quot;crypto&quot; having been co-opted by radical capitalist environmental destructionists.</p>
-<p>An IHSM is basically an ultra-secure enclosure for something like a server or a raspberry pi that even someone with
-unlimited resources would have a really hard time cracking without destroying all data stored in it. The principle of an
-IHSM is the same as that of a <a class="reference external" href="https://blog.jaseg.de/posts/hsm-basics/">normal HSM</a>. You have a payload that contains really secret data. There's really no way
-to prevent an attacker with physical access to the thing from opening it given enough time and abrasive discs for their
-angle grinder. So what you do instead is that you make it self-destruct its secrets within microseconds of anyone
-tampering with it. Usually, such HSMs are used for storing credit card pins and other financial data. They're expensive
-as fuck, all the while being about the same processing speed as a smartphone. Traditional HSMs use printed or
-lithographically patterned conductive foils for their security mesh. These foils are not an off-the-shelf component and
-are made in a completely custom manufacturing process. To create your own, you would have to re-engineer that entire
-process and probably spend some serious money on production machines.</p>
-<p>Inertial HSMs take the concept of traditional HSMs, but replace the usual tamper detection mesh with a few security mesh
-PCBs. These PCBs are coarser than traditional meshes by orders of magnitude, and would alone not even be close to enough
-to keep out even a moderately motivated attacker. IHSMs fix this issue by spinning the entire tamper detection mesh at
-very high speed. To tamper with the mesh, an attacker would have to stop it. This, in turn, can be easily detected by
-the mesh's alarm circuitry using a simple accelerometer as a rotation sensor.</p>
-<p>In our paper, we have shown a working prototype of the core concepts one needs to build such an IHSM. To build an IHSM
-you only need a basic electronics lab. I built the prototype in our paper at home during one of Germany's COVID
-lockdowns. You can have a look at our code and CAD on <a class="reference external" href="https://git.jaseg.de/ihsm.git">my git</a>. What is missing right
-now is an integration of all of these fragments into something cohesive that an interested person with the right tools
-could go out and build. We are planning to release this sort of documentation at some point, but right now we are
-focusing our effort on the next iteration of the design instead. Stay tuned for updates ;)</p>
-</div>
-</main>
-
- <footer>
-
-<script>
-(function() {
- function center_el(tagName) {
- var tags = document.getElementsByTagName(tagName), i, tag;
- for (i = 0; i < tags.length; i++) {
- tag = tags[i];
- var parent = tag.parentElement;
-
- if (parent.childNodes.length === 1) {
-
- if (parent.nodeName === 'A') {
- parent = parent.parentElement;
- if (parent.childNodes.length != 1) continue;
- }
- if (parent.nodeName === 'P') parent.style.textAlign = 'center';
- }
- }
- }
- var tagNames = ['img', 'embed', 'object'];
- for (var i = 0; i < tagNames.length; i++) {
- center_el(tagNames[i]);
- }
-})();
-</script>
-
-
- <div id="license-info">
- &#169;2020 by Jan Götte. This work is licensed under
- <a href="https://creativecommons.org/licenses/by-nc-sa/4.0/">CC-BY-NC-SA 4.0</a>.
- </div>
- <div id="imprint-info">
- <a href="/imprint">Impressum und Haftungsausschluss und Datenschutzerklärung</a>.<br/>
- <a href="/about">About this blog</a>.
- </div>
- </footer>
- </body>
-</html>
-