summaryrefslogtreecommitdiff
path: root/posts/ihsm-worlds-first-diy-hsm/index.html
blob: da534066671351ded97a64e4f6d0ae3b81b59e14 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
<!DOCTYPE html>
<html lang="en-us">
  <head>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <title>New Paper on Inertial Hardware Security Modules | jaseg.de</title>
    <link rel="stylesheet" href="/css/style.css" />
    <link rel="stylesheet" href="/css/fonts.css" />
    
    <header>

  
  <link rel="stylesheet" href="//cdnjs.cloudflare.com/ajax/libs/highlight.js/9.12.0/styles/atom-one-light.min.css">
  <script src="//cdnjs.cloudflare.com/ajax/libs/highlight.js/9.12.0/highlight.min.js"></script>
  <script>hljs.initHighlightingOnLoad();</script>
  <nav>
    <ul>
      
      
      <li class="pull-left ">
        <a href="https://blog.jaseg.de/">/home/jaseg.de</a>
      </li>
      

      

    </ul>
  </nav>
</header>

  </head>

  <body>
    <br/>

<div class="article-meta">
<h1><span class="title">New Paper on Inertial Hardware Security Modules</span></h1>

<h2 class="date">2021/11/23</h2>
<p class="terms">
  
  
  
  
  
</p>
</div>



<main>
<div class="document" id="world-s-first-diy-hsm">
<h1 class="title">World's First DIY HSM</h1>

<p>Last week, Prof. Dr. Björn Scheuermann and I have <a class="reference external" href="https://tches.iacr.org/index.php/TCHES/article/view/9290">published our first joint paper on Hardware Security Modules</a>. In our paper, we introduce Inertial Hardware Security
Modules (IHSMs), a new way of building high-security HSMs from basic components.  I think the technology we demonstrate
in our paper might allow some neat applications where some civil organization deploys a service that no one, not even
they themselves, can snoop on. Anyone can built an IHSM without needing any fancy equipment, which makes me optimistic
that maybe the ideas of the <a class="reference external" href="https://www.activism.net/cypherpunk/manifesto.html">Cypherpunk movement</a> aren't obsolete
after all, despite even the word &quot;crypto&quot; having been co-opted by radical capitalist environmental destructionists.</p>
<p>An IHSM is basically an ultra-secure enclosure for something like a server or a raspberry pi that even someone with
unlimited resources would have a really hard time cracking without destroying all data stored in it. The principle of an
IHSM is the same as that of a <a class="reference external" href="https://blog.jaseg.de/posts/hsm-basics/">normal HSM</a>. You have a payload that contains really secret data. There's really no way
to prevent an attacker with physical access to the thing from opening it given enough time and abrasive discs for their
angle grinder. So what you do instead is that you make it self-destruct its secrets within microseconds of anyone
tampering with it. Usually, such HSMs are used for storing credit card pins and other financial data. They're expensive
as fuck, all the while being about the same processing speed as a smartphone.  Traditional HSMs use printed or
lithographically patterned conductive foils for their security mesh. These foils are not an off-the-shelf component and
are made in a completely custom manufacturing process. To create your own, you would have to re-engineer that entire
process and probably spend some serious money on production machines.</p>
<p>Inertial HSMs take the concept of traditional HSMs, but replace the usual tamper detection mesh with a few security mesh
PCBs. These PCBs are coarser than traditional meshes by orders of magnitude, and would alone not even be close to enough
to keep out even a moderately motivated attacker. IHSMs fix this issue by spinning the entire tamper detection mesh at
very high speed.  To tamper with the mesh, an attacker would have to stop it. This, in turn, can be easily detected by
the mesh's alarm circuitry using a simple accelerometer as a rotation sensor.</p>
<p>In our paper, we have shown a working prototype of the core concepts one needs to build such an IHSM.  To build an IHSM
you only need a basic electronics lab. I built the prototype in our paper at home during one of Germany's COVID
lockdowns.  You can have a look at our code and CAD on <a class="reference external" href="https://git.jaseg.de/ihsm.git">my git</a>. What is missing right
now is an integration of all of these fragments into something cohesive that an interested person with the right tools
could go out and build. We are planning to release this sort of documentation at some point, but right now we are
focusing our effort on the next iteration of the design instead. Stay tuned for updates ;)</p>
</div>
</main>

    <footer>
      
<script>
(function() {
  function center_el(tagName) {
    var tags = document.getElementsByTagName(tagName), i, tag;
    for (i = 0; i < tags.length; i++) {
      tag = tags[i];
      var parent = tag.parentElement;
      
      if (parent.childNodes.length === 1) {
        
        if (parent.nodeName === 'A') {
          parent = parent.parentElement;
          if (parent.childNodes.length != 1) continue;
        }
        if (parent.nodeName === 'P') parent.style.textAlign = 'center';
      }
    }
  }
  var tagNames = ['img', 'embed', 'object'];
  for (var i = 0; i < tagNames.length; i++) {
    center_el(tagNames[i]);
  }
})();
</script>

      
      <div id="license-info">
           &#169;2020 by Jan Götte. This work is licensed under
           <a href="https://creativecommons.org/licenses/by-nc-sa/4.0/">CC-BY-NC-SA 4.0</a>.
      </div>
      <div id="imprint-info">
           <a href="/imprint">Impressum und Haftungsausschluss und Datenschutzerklärung</a>.
      </div>
    </footer>
  </body>
</html>