path: root/paper/tches-22-01-changes.tex
Diffstat (limited to 'paper/tches-22-01-changes.tex')
-rw-r--r-- paper/tches-22-01-changes.tex 106
1 files changed, 106 insertions, 0 deletions
diff --git a/paper/tches-22-01-changes.tex b/paper/tches-22-01-changes.tex
new file mode 100644
index 0000000..7857125
--- /dev/null
+++ b/paper/tches-22-01-changes.tex
@@ -0,0 +1,106 @@
+\documentclass[a4paper]{scrartcl}
+\usepackage[T1]{fontenc}
+\usepackage{amssymb,amsmath}
+\usepackage{eurosym}
+\usepackage{wasysym}
+\usepackage{amsthm}
+\usepackage{censor}
+\usepackage[
+ backend=biber,
+ style=numeric,
+ natbib=true,
+ url=false,
+ doi=true,
+ eprint=false
+ ]{biblatex}
+\addbibresource{ihsm.bib}
+
+
+\makeatletter
+\@ifclasswith{iacrtrans}{submission}{
+ \newcommand{\censorIfSubmission}[1]{\censor{#1}{\scriptsize[Author information removed for double-blind peer review]}}
+}{
+ \newcommand{\censorIfSubmission}[1]{#1}
+}
+\makeatother
+
+\usepackage[binary-units]{siunitx}
+\DeclareSIUnit{\baud}{Bd}
+\DeclareSIUnit{\year}{a}
+\usepackage{commath}
+\usepackage{graphicx,color}
+\usepackage{subcaption}
+\usepackage{array}
+\usepackage{hyperref}
+
+\renewcommand{\floatpagefraction}{.8}
+\newcommand{\degree}{\ensuremath{^\circ}}
+\newcolumntype{P}[1]{>{\centering\arraybackslash}p{#1}}
+\newcommand{\partnum}[1]{\texttt{#1}}
+
+\begin{document}
+\title{Can't Touch This: Inertial HSMs Thwart Advanced Physical Attacks}
+\subtitle{Changes of Major Revision compared to version submitted to TCHES 20/4}
+\maketitle
+
+This document lists the requested revisions we identified from the reviewers comments and explains how we adressed these
+requests.
+
+\paragraph{Lack of discussion of operational constraints}
+
+As pointed out by Reviewer~B, our initial submission lacked a detailed discussion of the operational constraints of
+Inertial Hardware Security Modules. We have adressed this with more than two pages of new content on the operation of
+IHSMs in the new Sections~3.5 ``Long-Term Operation'' and~3.6 ``Transportation''.
+% FIXME
+
+\paragraph{Lack of discussion of improved cooling capabilities of IHSMs compared to traditional HSMs}
+
+As Reviewer~D pointed out, our initial submission alluded to the possibility of facilitating cooling airflow through an
+IHSM's security mesh and noted that this would allow for greater processing capabilities, but did not go into detail on
+the extent of this effect. In our revised paper, we have extended Section~3.4 ``Mechanical Layout'' with an
+order-of-magnitude estimation of this effect based on real-world benchmarks and information available from vendors of
+traditional HSMs.
+
+\paragraph{Mechanical Rotating Stage Attacks}
+
+As pointed out by Reviewer~D, in our original submission our discussion of the Swivel Chair Attack discusses attacks by
+by a rotating human attacker in depth and mentions the possibility of a fully mechanized attack robot. However, our
+initial submission did not go into detail on the constraints of such a fully mechanized attack. In our revised paper we
+have completed our discussion in this section with one half page of new content and one new diagram discussing
+fully mechanized attack robots.
+
+\paragraph{Comparison of IHSM attacks to those on traditional HSMs}
+
+In addition to the previous point, Reviewer~D pointed out that the discussion of attacks on IHSMs in our initial
+submission would have benefited from a more thorough contextualization of the attacks possible on traditional HSMs. In
+response, we have significantly extended Section~4 ``Attacks'' with one page of new content in two new Subsections~4.2
+``Attacks that don't work'' and~4.3 ``Attacks that work on any HSM'' that provide this missing context to guide the
+reader.
+
+\paragraph{Notes on future work}
+Reviewer~D stated that they would find an outlook on the next design steps towards a practically usable design
+interesting. We have adressed this at the end of Section~7 ``Conclusion'' to the extent of our current plans.
+
+\paragraph{Design Artifact Availability}
+Reviewer~D state that acceess to design artifacts would be useful for readers of the paper. While we cannot make our
+design artifacts available as part of the peer review process as they contain a multitude of references to the
+identities of the authors and their employer, we have added a brief appendix that in the publication version of our
+paper will contain a link to the open-source repository containing all hardware, software and paper sources relating to
+our research project.
+
+\paragraph{Detailed discussion of contactless attacks}
+
+Reviewer~C noted that like a traditional HSM an IHSM cannot prevent contactless attacks such as electromagnetic
+sidechannel attacks or laser fault injection. While our initial submission acknowledged this property of our design, our
+original submission did not provide a detailed discussion of its extent. In our revised paper, we have added a new
+Section~4.2 ``Attacks that work on any HSM'' that provides more detail on contactless attacks. In this section we
+observe that the IHSM design allows for some mitigations against contactless attacks due to the physically larger space
+it can provide to its payload.
+
+\paragraph{Justification of mesh monitor power consumption estimates}
+
+A point noted by Reviewer~B is that in our initial submission we provided an estimate on the current consumption of an
+IHSM monitoring cirucit without providing a detailed justification of our estimate. In response, we have extended
+Section~5.3 ``Power transmission from Stator to rotor'' with a more detailed justification of this estimate.
+
+\end{document}
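Review bot: The section numbers disagree between two paragraphs. "Comparison of IHSM attacks to those on traditional HSMs" lists 4.2 as ``Attacks that don't work'' and 4.3 as ``Attacks that work on any HSM'', while "Detailed discussion of contactless attacks" cites Section 4.2 ``Attacks that work on any HSM''. One of the two should be corrected against the revised paper. The stray `% FIXME` after the operational-constraints paragraph should be resolved or removed. Spelling and grammar: "adressed" (three occurrences), "acceess", "cirucit", the doubled "by by" in the rotating-stage paragraph, "Reviewer~D state", and "reviewers comments" without an apostrophe. The preamble also carries material the body never uses: \censorIfSubmission is defined behind a test for the iacrtrans class although the document class is scrartcl, and biblatex is loaded with ihsm.bib while the body has no citation or \printbibliography, so both can be trimmed.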