Design Concepts for Tamper Responding Systems
If cryptography is to be used to provide trustworthy information processing systems for society, the important problems of shielding and tamper-safing must be effectively solved by non-secret designsl. Shielding techniques for protecting mechanisms against analysis of their radiated signal energy seem to be rather well understood, and are not discussed here. Tamper-sating systems can be divided between those which merely indicate tampering to an inspector, and those systems which can detect tampering and can respond by, for example, destroying some secret information. In some cases it may be desirable to augment a tamper-responding system with tamper-indicating techniques and periodic inspections, in order to place an upper bound on the amount of time available for compromise of the tamper-responding system. The present work, however, focuses on design concepts for tamper-responding systems.
KeywordsSensor System Secret Information Attack Scenario Periodic Inspection Aggregate Layer
Unable to display preview. Download preview PDF.
- (1).Chaum, David, Computer Systems Established, Maintained and Trusted by Mutually Suspicious Groups, Memorandum UCB/ERL M79/10, UC Berkeley, February 1979, Also as dissertation.Google Scholar
- (2).Baran, Paul, On Distributed Communications: IX Security Secrecy and Tamper-Free Considerations, Memo RRM-3765-pr, Rand Corp., Santa Monica CA, August 1964.Google Scholar
- (3).Miska, Herbert, Command-Break Glass and Glass Ceramics, Corning Glass Works, Corning NY.Google Scholar
- (4).McManus, J., and Engel, A., Tamper Resistant Unattended Safeguards Techniques, IAEA Symposium on Progress in Safeguards Techniques, Karlsruhe Germany, July 1970.Google Scholar
- (5).Ney, J., Surveillance and Containment Instrumentation for International Safegaurds, Annual Meeting of the Institute of Nuclear Materials Management, Washington DC, June 1977.Google Scholar