Cryptographic modules

Etienne Rijkheer (rda@aztec.co.za)
Wed, 24 Jan 1996 08:23:13 +0200

Hello all,

Because of the audience addressed in this forum, I will probably be saying
things that are obvious or common knowledge to a lot of you. Please bear
with me while my thread develops, and read on:

A number of Software Encryption Systems exist for the secure dissemination
of information over Networks. The heart of any of these Systems is the
generation of a secret key for Encryption and Decryption of data. This key
is retained in some form of memory. (your head, on a stiffy.... or in a
Secure Cryptographic Module.) 

With Software Encryption becoming increasingly sophisticated and
consequently becoming very much more difficult to compromise, the role of
other Key Management schemes gains precedence.

An important element in other key management schemes is a Secure Hardware
Cryptographic Module as defined in *FIPS140-1* and elsewhere.

I am doing research into Tamper-proofing of Cryptographic Modules. The aim
of the research is to:

 DEFINE PARAMETERS

* Methods and devices used for storing secret data.
* Possible means of gaining access to the secret data stored in the module.
(Mechanical, SEM or TEM Scanning, Micro-probing, Timing Attacks,
compromised Key Management, etc., etc.)
* Possible methods of preventing and/or detecting access, within existing
Standards such as FIPS140-1 as well as methods possibly not covered by
Standards.
* Zeroization techniques.

These Parameters will be used to develop paradigms for the Hardware design
of Cryptographic Modules.

PARADIGMS

* Tamper-detection and reporting.
* Zeroization techniques using inputs from tamper-detection devices.
* Other zeroization techniques.
* RFI and EMI shielding.
* Definition of Cryptographic Boundary.
* Key Management routines - interface with hardware.
* Cost_of_intrusion versus Data_value.
* Manufacturing_cost versus Security_performance.

As the research progresses other Parameters and Paradigms will undoubtedly
come to light.

I have developed Cryptographic Modules for use in EFT WAN, Voice
Comms. (Telephone and Radio) and Facsimile Transmission. These have been
developed on specifications given by the Client and it has become obvious to
me that new Paradigms need to be developed, hence this research.
I would like to freely discuss my research with Academics, Engineers of all
disciplines, Designers and *Politicians* in the Internet sense. 

Looking forward to hearing from you!

Etienne Rijkheer.

My PGP Pub.Key is available.