Re: Erasing an OTP file on a SD card.

From: Andrew Swallow (am.swallow_at_eatspam.btinternet.com)
Date: 07/27/04


Date: Tue, 27 Jul 2004 15:55:02 +0000 (UTC)


"Cesar Bremer Pinheiro" <cesarbremer@raseac.com.br> wrote in message
news:4c3656f.0407270637.1632b61b@posting.google.com...
[snip]
> In this kind of hardware we have an option to use a SDCard to store
> the OTP files, and after finishing a call, the system erases the OTP
> data used.
>
> My question is: In a SDCard, writing once is enough to erase the
> previous content?

What you can say is that security is enhanced by overwriting the key.
The opponent will have to take the chip to an electron microscope.

To maintain security physical destruction of the SDCard is required.
Approved methods are:
1. melting the SDCard and its chips down
2. destruction in an acid bath

Emergency destruction can be performed by chopping the SDCard
and chip up, possibly using an axe or by firing a bullet through it.
Scatter the parts.

The SDCard will still need a serial number.

Andrew Swallow



Relevant Pages

  • Re: Erasing an OTP file on a SD card.
    ... > SDCard will need to be stoled and analysed in a more difficult way. ... > want security, in this case the best way to deal with this situation ... Don't use a secure phone. ... The device storing the OTP itself ensures that it can be read only once. ...
    (sci.crypt)
  • Re: Erasing an OTP file on a SD card.
    ... >> When you are talking about erasing the OTP files, ... I posted a question regarding SDCard and not about OTP. ... I write that i implemented OTP under AES, and i do that because i know ... And about erasing a SDCard, i posted my question asking about a SDCard ...
    (sci.crypt)