I'm not quite sure what happened in my brain when I read the title (probably some kind of lost in translation, translating between my mother tongue and back again), but I didn't expect a <i>spinning</i> device.<p>But when I saw the first picture I immediately understood were this is going. Actually it's quite clever - as is the subliminal self-irony of the authors. The <i>Swivel Chair Attack</i> made me laugh harder than it should (someone here in the comments already rightfully called for an ig nobel price for that). And still this idea might be a unconventional but working solution.<p>It's kind of a refreshing read.
<i>>4.3 The Swivel Chair Attack</i><p><i>>If we assume whoever integrates the payload into an IHSM has done adequate work and prevented all contactless attacks, we are left with attacks that aim at mechanically bypassing the IHSM’s security mesh. The first type of attack we will consider is the most basic of all attacks: a human attacker holding a soldering iron trying to rotate herself along with the mesh using a very fast swivel chair.</i><p>this is amazing. is there an ig nobel for computer science?
Why aren't MEMS accelerometers enough by themselves?<p>Well, one should build an HSM to have multiple tamper detection sensors:<p><pre><code> - accelerometers
- light sensors (the HSM should
be sealed in an opaque box)
- vibration sensors
- temperature sensors
- air pressure sensors (the HSM
should be sealed in a
pressurized airtight box)
- moisture sensors (the HSM
could be an air- and watertight
box inside a water-tight box
full of water)
</code></pre>
Encase the whole thing in a thick layer of resin, leaving only connections for:<p><pre><code> - water (for cooling)
- optical ethernet (to avoid
electrical attacks on wire
ethernet)
- an inductive coupling plate
to power everything but the
water pump
- power for the water pump
</code></pre>
Put this in a locked cabinet in a locked cage in a locked access-controlled room.
If there is one thing I learned working with dedicated and eventually advocating for shared hsm (kms, managed hsm, etc) it's that HSM routinely have zero days that invalidate the ability to prove the key never left.<p>I'm curious what folks feel like they are really getting when they buy a physical hsm in 2023?<p>Do we really believe HSM vendors have a greater incentive to patch vulnerabilities than cloud providers who build services on top of them?<p>I 100% trust google more than Thales to keep things patched, and provide the most trustworthy logs.
Their talk was quite nice, they talk about experiences with other HSMs, their history, what lead them to design their own, the many aspects of their design and then go through potential attacks:<p><a href="https://youtu.be/zD5EdvGs98U?t=13m23s" rel="nofollow noreferrer">https://youtu.be/zD5EdvGs98U?t=13m23s</a>
I'll try spinning–that's a good trick!<p>Curious what the model is for an attacker who creates tools that rotate at the same speed as the HSM dynamo, and then controls it remotely in a seemingly stationary reference frame.
Just crazy enough to work! I love it. One hole I can poke in the concept is to copy the IR heartbeat signal and retransmit while destroying the mesh.<p>>Besides power transfer from stator to rotor, we need a reliable, bidirectional data link to transmit mesh status and a low-latency heartbeat signal. We chose to transport an 115 kBd UART signal through a simple IR link for a quick and robust solution. The link’s transmitter directly drives a standard narrow viewing angle IR led.
Jan did a talk about DIYing one at GPN: <a href="https://media.ccc.de/v/gpn20-48-can-t-touch-this-diy-ing-a-hardware-security-module" rel="nofollow noreferrer">https://media.ccc.de/v/gpn20-48-can-t-touch-this-diy-ing-a-h...</a><p>Like others, I didn't expect it to be a computer in a washing machine. A lot of the talk felt surreal due to its "that's insane ... but you have a point" kind of vibe.
Suggest changing the title to "Inertial HW Security Modules Mitigate Physical Attacks" or something as "HSM" is an overloaded term(I thought it was hierarchical state machines).