Hello all, Because of the audience addressed in this forum, I will probably be saying things that are obvious or common knowledge to a lot of you. Please bear with me while my thread develops, and read on: A number of Software Encryption Systems exist for the secure dissemination of information over Networks. The heart of any of these Systems is the generation of a secret key for Encryption and Decryption of data. This key is retained in some form of memory. (your head, on a stiffy.... or in a Secure Cryptographic Module.) With Software Encryption becoming increasingly sophisticated and consequently becoming very much more difficult to compromise, the role of other Key Management schemes gains precedence. An important element in other key management schemes is a Secure Hardware Cryptographic Module as defined in *FIPS104-1* and elsewhere. I am doing research into Tamper-proofing of Cryptographic Modules. The aim of the research is to: DEFINE PARAMETERS * Methods and devices used for storing secret data. * Possible means of gaining access to the secret data stored in the module. (Mechanical, SEM or TEM Scanning, Micro-probing, Timing Attacks, compromised Key Management, etc., etc.) * Possible methods of preventing and/or detecting access, within existing Standards such as FIPS140-1 as well as methods possibly not covered by Standards. * Zeroization techniques. These Parameters will be used to develop paradigms for the Hardware design of Cryptographic Modules. PARADIGMS * Tamper-detection and reporting. * Zeroization techniques using inputs from tamper-detection devices. * Other zeroization techniques. * RFI and EMI shielding. * Definition of Cryptographic Boundary. * Key Management routines - interface with hardware. * Cost_of_intrusion versus Data_value. * Manufacturing_cost versus Security_performance. As the research progresses other Parameters and Paradigms will undoubtedly come to light. I have developed Cryptographic Modules for use in EFT WAN, Voice Comms.(Telephone and Radio) and Facsimile Transmission. These have been developed on specifications given by the Client and it has become obvious to me that new Paradigms need to be developed, hence this research. I would like to freely discuss my research with Academics, Engineers of all disciplines, Designers and *Politicians* in the Internet sense. Looking forward to hearing from you ! Etienne Rijkheer. My PGP Pub.Key is available.