Overview
Syllabus
Intro
Me
What is tampering?
Types of Anti-Tamper
Critical principle
Physical Systems
Physical vs. Electronic
Why do electronics need anti-tamper?
Smartcards
FIPS and HSMS
What changed?
Users are lazy
31c3/RSA work with Eric Michaud
New way: Machine-verifiable seals
Remote verifiable seals
So, servers?
IANA/ICANN HSM
In-between systems
Trusted Computing Group • Intel TXT, AMD SVM (+ ARM TrustZone, MTM) • Derived from DRM efforts ("Palladiurn") in 1990s
Intel SGX
Virtualization-based
Secure multiparty
Raspberry Pi in a Box
Crypto Stick
SmartCard-HSM
General design principles
So, three options
Cheap high-end HSMS
Cheap low-end HSMS
Remote keys
Layered systems
PirateBay
CloudFlare
Open-source