Re: [Full-disclosure] round and round they go, keys in ram are ripe for picking...

On Fri, Feb 22, 2008 at 10:05 AM, Michael Holstein
<michael.holstein@xxxxxxxxxxx> wrote:
FIPS 140-1 [] addresses this.
* The contents of the module shall be completely contained within a
tamper detection envelope...
* The module shall contain tamper response and zeroization
circuitry. ...
* The module shall either include environmental failure protection
(EFP) features or undergo environmental failure testing (EFT) ..

i'm fond of tamper resistant / evident packaging, but this is usually
applied to persistent key storage rather than working system memory.
works well for authentication tokens and such, even if these methods
can also be bypassed with some effort.
(see and their disassemblies at )

tamper resistant cases are bit more fun, like the blackbox [0] pelican
padlock'ed with zeroization / panic button. however, after reading
this paper, it appears that secure overwrite of all key scrubbed
memory and other sensitive locations would be preferable to simple
power off, even if the case is a pain to open...

a fun attack, to be sure.

0. DefCon 13 black box challenge

Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia -