Many solutions exist to supply Federal Information Processing Standard (FIPS) 140-2 Level 1 and Level 2 digital encryption [1]. However, Levels 3 and 4 require monitoring of the environment. Level 3 could be implemented with tamper switches, but simple switches can be bypassed with jumpers or a paper clip. More sophisticated switch sensors require some filtering and deglitching. Level 4 requires monitoring of the supply voltages and temperature. For best results, all of these functions should be as compact as possible.
This idea presents an IC that provides polarity-selectable, filtered tamper-switch detection, as well as overvoltage, undervoltage, battery-switchover, low-battery, overtemperature, and undertemperature monitoring, for addition to an existing FIPS 140-2 Level 2 system. Included are details for the physical layout of the system, temperature trip-point control, and voltage monitoring.
For FIPS Level 3, the MSFIPS IC’s physical security mechanisms include the use of tamper-detection switches and response circuitry that zeroes all plain-text critical security parameters when the removable covers or doors of the cryptographic module are opened [2]. The IC provides four filtered switch inputs for use with tamper switches (Fig. 1).
Further, designers can set three of the switches to either normally open or normally closed, which makes bypassing all of them with a single jumper more difficult. The system’s physical design must keep the switches away from any sides or slots. Hairpins and paper clips have been used to hold switches in a “no-alarm” state [3]. Even magnetic switches have been compromised by introducing another magnet near the switch to hold it in the correct position.
FIPS 140-2 Level 4 requires monitoring the environment in which the system is located so that any unencrypted data can be cleared from RAM. Techniques used to stop the processor from clearing memory include glitching (rapidly toggling the Reset or Clock inputs), varying the supply voltage [4], and varying the temperature [4, 5].
The IC contains a bandgap reference with two preset supply levels: 3.3 V and 5.0 V. If the supply voltage rises above or falls below the selected nominal voltage, the Security Alarm output goes low. Separate from the overvoltage/undervoltage alarm is a Power Failure output, whose trip point can be set externally with two resistors, and a Battery Low output, which goes high when the battery input is below 2.4 V.
Temperature extremes can randomly alter the contents of memory locations and can prevent RAM read or write operations. The temperature sensor uses a temperature-to-voltage converter. The temperature trip points are set with a resistor divider feeding two comparators (Fig. 2). This configuration allows precise setting of the temperature range for the alarm.
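The filtered, polarity-selectable switch inputs and the voltage/temperature window checks described above, modelled as hypothetical firmware logic in C. This is an added example, not the IC’s circuitry or the article’s own code; the filter length, the supply tolerance, the temperature trip points, and which input has fixed polarity are assumptions, and only the 2.4 V battery threshold comes from the article.

```c
/* Hypothetical model of the monitor described above (added example, not the IC). */
#include <stdbool.h>
#include <stdint.h>

#define NUM_SWITCHES   4
#define FILTER_SAMPLES 3   /* consecutive samples needed to assert tamper (assumed) */

typedef enum { NORMALLY_OPEN = 0, NORMALLY_CLOSED = 1 } polarity_t;

typedef struct {
    polarity_t polarity[NUM_SWITCHES]; /* input 0 fixed, 1..3 selectable (assumed mapping) */
    uint8_t count[NUM_SWITCHES];       /* run length of samples in the tamper state */
    bool tamper[NUM_SWITCHES];         /* filtered tamper state per input */
} tamper_monitor_t;

/* Feed one raw sample per switch (true = contact closed). Returns true if any
   filtered input is in the tamper state after this sample. */
bool tamper_sample(tamper_monitor_t *m, const bool closed[NUM_SWITCHES]) {
    bool any = false;
    for (int i = 0; i < NUM_SWITCHES; i++) {
        /* A NC switch signals tamper when it opens; a NO switch when it closes. */
        bool raw = (m->polarity[i] == NORMALLY_CLOSED) ? !closed[i] : closed[i];
        if (raw) {
            if (m->count[i] < FILTER_SAMPLES) m->count[i]++;
        } else {
            m->count[i] = 0;            /* a glitch shorter than the filter is ignored */
        }
        m->tamper[i] = (m->count[i] >= FILTER_SAMPLES);
        any |= m->tamper[i];
    }
    return any;
}

/* Environmental window checks: supply within a band around the nominal
   (tolerance assumed), battery below 2.4 V (from the article), temperature
   outside the two comparator trip points (values assumed). 0 means no alarm. */
#define ALARM_SUPPLY  0x1
#define ALARM_BATTERY 0x2
#define ALARM_TEMP    0x4

uint8_t env_check(double vsupply_v, double vnominal_v, double vbatt_v,
                  double temp_c, double temp_lo_c, double temp_hi_c) {
    uint8_t alarms = 0;
    const double tol = 0.10 * vnominal_v;   /* +/-10 % window, assumed */
    if (vsupply_v > vnominal_v + tol || vsupply_v < vnominal_v - tol) alarms |= ALARM_SUPPLY;
    if (vbatt_v < 2.4) alarms |= ALARM_BATTERY;
    if (temp_c < temp_lo_c || temp_c > temp_hi_c) alarms |= ALARM_TEMP;
    return alarms;
}
```

With mixed polarities, a jumper that shorts every input closed trips the normally-open inputs, which is the effect the article relies on.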
Quickly hitting the reset button or momentarily disconnecting the power connector causes glitches that stop code from executing and data from being recovered. Designers can prevent this by routing the reset signal through the voltage-compare/delay circuitry and using battery backup.
An additional note on FIPS 140-2 Level 4 is important. After the standard was agreed to, a simple technique to hack boxes was discovered. By monitoring and capturing the voltage variations on the supply with a digital storage scope external to the secure box, an intruder can determine the program being executed and obtain the key. To prevent this, firmware code execution should not be linear: the more jumps, the more difficult it is to decode.
1. National Institute of Standards and Technology (NIST)
2. R. Anderson, et al., “Cryptographic Processors—A Survey,” Proceedings of the IEEE, Vol. 94, No. 2, pp. 357-369, Feb. 2006.
3. R. Johnston, et al., “How to Design a Physical Security Device, System, or Program,” ASIS Conference 2007.
4. H. Bar-el, et al., “The Sorcerer’s Apprentice Guide to Fault Attacks,” Proceedings of the IEEE, Vol. 94, No. 2, pp. 370-382, Feb. 2006.
5. “Hackers Decrypt Computer by Freezing Memory,” www.foxnews.com/story/0,2933,332368,00.html