These are notes that I am leaving myself - in a place where I can always get to them as needed - about things that are interesting, useful, or otherwise notable to me. However, they may be interesting, useful, or notable to other people too. Caveat lector: no warranty, express or implied, is made that they are.
Correction of fact is always welcome in the comments.
Wednesday, February 12, 2014
Tuesday, January 28, 2014
ARCANUM : DESIGN : Self-validating tamper-evident enclosure based on bead-epoxy composite
ORIGINALITY
Original, to the best of my knowledge, as of 27 January, 2014. Derivation of work from 2002.
EXPOSITION
Recent disclosures about potential tampering with electronics during shipment suggest a need for tamper-resistant and -evident hardware. A recollection of earlier work in the field brought to mind the use of glass microspheres and epoxy resin to create unique cryptographic tokens that are non-reproducible [1]. When a laser is shined on this token, the interference pattern generated by the microspheres is unique. One problem with this arrangement is that any variation in the angle of incident laser light changes the interference pattern; another is that the device can be easily read, making it relatively useless as a cryptographic key storage device. However, these same characteristics may make it useful as a tamper-evident enclosure.
DESCRIPTION
The original discovery is simple; transparent epoxy containing glass beads is cast into a shape. After setting, the random arrangement of glass beads in the epoxy leads to a unique interference pattern when laser light is shined through the epoxy, which cannot be reproduced, as variations of as little as half a wavelength of light in bead size and location will lead to a distortion of the interference pattern. While this is an interesting way to generate a unique token, the utility of a unique optical token is limited, given that it is much easier to use a unique electronic token instead.
However, for the purpose of detecting tampering with electronic devices, this material may be ideal. Most physical attacks on electronic devices depend on connections made to add, remove, or modify something on the device to permit snooping [2]. While many attacks are committed at the place of manufacture, some attacks may take place during shipping [3], or later. If there were a way to readily detect modifications to shipped devices, this practice would become much more difficult.
To that end, if one were to use this material to enclose an electronic device with multiple surface-mounted laser diodes (of the type used in optical-disc readers), the interference pattern generated by these lasers would be "fixed" and easy to validate. A simple printed copy of the interference pattern, showing regions of light and dark, could be used to validate that the enclosure was unmodified. For ease of validation, both printout and device might have instructions on them. The printout might also have a line to align the device to, for rapid validation. Multiple colors of laser diode might be used as well; random placement might also be used.
This would be useful for nearly any electronic device. For devices which require installation where validation may prove difficult, (expansion cards, say), one might need to provide a USB port for powering the laser diodes. For other things - cables and connectors, for example - there might be sufficient bus power for continuous operation.
PROBLEMS
There are very few problems with this. Erosion of the epoxy and loss of glass beads from the surface may change the interference pattern, but that may well simply be a useful indicator of wear, and at any rate, a slow change in the interference pattern is scarcely a matter of concern.
REFERENCES
[1] http://www.nature.com/news/1998/020916/full/news020916-15.html
[2] http://www.spiegel.de/international/world/catalog-reveals-nsa-has-back-doors-for-numerous-devices-a-940994.html
[3] http://www.theverge.com/2013/12/29/5253226/nsa-cia-fbi-laptop-usb-plant-spy
Original, to the best of my knowledge, as of 27 January, 2014. Derivation of work from 2002.
EXPOSITION
Recent disclosures about potential tampering with electronics during shipment suggest a need for tamper-resistant and -evident hardware. A recollection of earlier work in the field brought to mind the use of glass microspheres and epoxy resin to create unique cryptographic tokens that are non-reproducible [1]. When a laser is shined on this token, the interference pattern generated by the microspheres is unique. One problem with this arrangement is that any variation in the angle of incident laser light changes the interference pattern; another is that the device can be easily read, making it relatively useless as a cryptographic key storage device. However, these same characteristics may make it useful as a tamper-evident enclosure.
DESCRIPTION
The original discovery is simple; transparent epoxy containing glass beads is cast into a shape. After setting, the random arrangement of glass beads in the epoxy leads to a unique interference pattern when laser light is shined through the epoxy, which cannot be reproduced, as variations of as little as half a wavelength of light in bead size and location will lead to a distortion of the interference pattern. While this is an interesting way to generate a unique token, the utility of a unique optical token is limited, given that it is much easier to use a unique electronic token instead.
However, for the purpose of detecting tampering with electronic devices, this material may be ideal. Most physical attacks on electronic devices depend on connections made to add, remove, or modify something on the device to permit snooping [2]. While many attacks are committed at the place of manufacture, some attacks may take place during shipping [3], or later. If there were a way to readily detect modifications to shipped devices, this practice would become much more difficult.
To that end, if one were to use this material to enclose an electronic device with multiple surface-mounted laser diodes (of the type used in optical-disc readers), the interference pattern generated by these lasers would be "fixed" and easy to validate. A simple printed copy of the interference pattern, showing regions of light and dark, could be used to validate that the enclosure was unmodified. For ease of validation, both printout and device might have instructions on them. The printout might also have a line to align the device to, for rapid validation. Multiple colors of laser diode might be used as well; random placement might also be used.
This would be useful for nearly any electronic device. For devices which require installation where validation may prove difficult, (expansion cards, say), one might need to provide a USB port for powering the laser diodes. For other things - cables and connectors, for example - there might be sufficient bus power for continuous operation.
PROBLEMS
There are very few problems with this. Erosion of the epoxy and loss of glass beads from the surface may change the interference pattern, but that may well simply be a useful indicator of wear, and at any rate, a slow change in the interference pattern is scarcely a matter of concern.
REFERENCES
[1] http://www.nature.com/news/1998/020916/full/news020916-15.html
[2] http://www.spiegel.de/international/world/catalog-reveals-nsa-has-back-doors-for-numerous-devices-a-940994.html
[3] http://www.theverge.com/2013/12/29/5253226/nsa-cia-fbi-laptop-usb-plant-spy
Subscribe to:
Comments (Atom)