Physical Security Devices for Computer Subsystems: A Survey of Attacks and Defenses
As the value of data on computing systems increases and operating systems become more secure, physical attacks on computing systems to steal or modify assets become more likely. This technology requires constant review and improvement, just as other competitive technologies need review to stay at the leading edge.
This paper describes known physical attacks, ranging from simple attacks that require little skill or resource, to complex attacks that require trained, technical people and considerable resources. Physical security methods to deter or prevent these attacks are presented. The intent is to match protection methods with the attack methods in terms of complexity and cost. In this way cost effective protection can be produced across a wide range of systems and needs.
Specific technical mechanisms now in use are shown, as well as mechanisms proposed for future use. Common design problems and solutions are discussed with consideration for manufacturing.
KeywordsSmart Card Secret Data Physical Security Physical Attack Automate Teller Machine
- 1.R. Anderson, M. Kuhn, ‘Tamper Resistance-A Cautionary Note’, The Second USENIX Workshop on Electronic Commerce Proceedings, Oakland, California, November 18-21, 1996, pp 1–11, ISBN 1-880446-83-96.Google Scholar
- 2.R. Anderson, M. Kuhn, ‘Low Cost Attacks on Tamper Resistant Devices’Google Scholar
- 3.R. E. Anderson, ‘Bank Security’, Butterworth Publishers 1981, pp. 9l–93.Google Scholar
- 4.S. Chari, C.S. Jutla. J.R. Rao, and P. Rohatgi. ‘A Cautionary note regarding evaluation of AES candidates on smart cards’. Proceedings of Second AES Conference, Rome, Mar 1999.Google Scholar
- 5.David Chaum, ‘Concepts for Design of Tamper Responding Systems’, Advances inCryptology, Proceedings of Crypto’ 83, Plenum Press 1984, pp.387-392.Google Scholar
- 6.Andrew l. Clark, ‘Physical Protection of Cryptographic Devices’, presented atEurocrypt’ 87, Amsterdam.Google Scholar
- 8.G. P. Double, ‘Physical Security for Transaction Systems: A Design Methodology’, IBM Technical Report, TR 83.227 IBM 1990.Google Scholar
- 10.P. Kocher, J. Jaffe and B. Jun. ‘Introduction to Differential Power Analysis and Related Attacks.’ Manuscript, Cryptography Research, Inc. 1998.Google Scholar
- 12.W. L. Price, ‘Physical Security of Transaction Devices’, NPL Technical Memo DITC 4/86, National Physical Laboratory, Jan, 1986.Google Scholar
- 13.S.W. Smith, S.H. Weingart, ‘Building a High Performance, Programmable Secure Coprocessor.’ Computer Networks (Special Issue on Computing Network Security). 31: 831–860. April 1999.Google Scholar
- 14.S.W. Smith, V. Austel, R. Perez, S. Weingart. ‘Validating a High-Performance, Programmable Secure Coprocessor or, the World’s First FIPS 140-1 Level 4.’ 22nd National Information Systems Security Cconerence, October 199.Google Scholar
- 15.S. H. Weingart, ‘Physical Security for the uABYSS System’, Proceedings of IEEE Symposium on Security and Privacy 1987, IEEE Publications, pp. 52–58.Google Scholar
- 16.S. H. Weingart, S. White, W. Arnold, and G. Double, ‘An Evaluation System for the Physical Security of Computing Systems’, Proceedings of the Sixth Annual Computer Security Applications Conference 1990, IEEE Publications, pp. 232–243.Google Scholar