Tamper Resistance of SmartCards -- NitroKey Pro/ KernelConcepts
gniibe at fsij.org
Mon Jun 27 10:47:28 CEST 2016
On 06/24/2016 06:21 PM, Andreas Fenkart wrote:
> I'm only interested in creating signatures for FW releases. What
> confuses me is the claim made by NitroKey that it is "tamper
> resistant". I guess kernelconcepts card being a BasicCard should be
> "tamper resistant" as well.
IIUC, NitroKey Pro uses ZeitControl smartcard for crypto computation.
So, it is same as a chip.
I think that the term "tamper resistance" is usually used for a chip,
if it has some counter measure against some sort of physical attacks.
Please note that it doesn't directly mean it can be safe device as a
whole. I think that we also need some "tamper resistance" in
Well, the combination of smatcard chip + USB MCU (which works as a
card reader) is a kind of practice for a token. And people discuss it
is good as it's has "tamper resistance" feature (in the chip level).
I think that the combo is generally good thing, but we also know that
this could have a different type of attack vector.
Suppose that an attacker has enough time&budget to manufacture similar
looking device, and it is possible for the attacker to access to my
device multiple times (say, at nights). Then, there is a scenario
(1) he steals my device when I sleep.
(2) he extracts the smartcard chip from my device. Then, using the
chip, he makes a token replacing MCU or MCU's firmware. The card
reader part will have a special malicious feature recording PIN of
mine in the communication. And he puts back the device to me,
before I wake.
(3) I just keep using my device. I don't notice the change because
"it just works".
(4) he again steals my device, at another night.
(5) Since PIN is recorded in the MCU, my private keys are under
control by him now (even if the chip itself is "secure").
I usually recommend implementing some counter measure as a device by
customizing your own device. Here are examples:
I don't know if it's an effective counter measure or not. Anyway, I
If it's an effective counter measure, do we need chip level counter
measure? That's my question.
Already, I know that an effective counter measure is never sleeping.
Please don't suggest this method. :-)
More information about the Gnupg-users