Tamper resistance

Tamper resistance is resistance to tampering by either the normal users of a product, package, or system or others with physical access to it. There are many reasons for employing tamper-resistance.


Tamper resistance ranges from simple features like screws with special heads to more complex devices that render themselves inoperable or encrypt all data transmissions between individual chips. Tamper resistant devices or features are also common on packages to deter package or product tampering.


In some applications, devices are only tamper-evident rather than tamper-resistant. Tamper-evident devices are ones designed to make it easy to see whether they have been altered.

Tampering

Tampering involves the deliberate altering or adulteration of a product, package, or system. Solutions may involve all phases of product production, distribution, logistics, sale, and use. No single solution can be considered as "tamper proof". Often multiple levels of security need to be addressed to reduce the risk of tampering. Some considerations might include:

  • Identify who a potential tamperer might be: psychopath, misguided joker, saboteur, organized criminals, terrorists. What level of knowledge, materials, tools, etc. might they have?
  • Identify all feasible methods of unauthorized access into a product, package, or system. In addition to the primary means of entry, also consider secondary or "back door" methods.
  • Improve the tamper resistance to make tampering more difficult, time-consuming, etc.
  • Add tamper-evident features to help indicate the existence of tampering.
  • Educate people to watch for evidence of tampering.

Safety

Nearly all mains appliances and accessories can only be opened with the use of a screwdriver (or a substitute item such as a nail file or kitchen knife). This prevents children and others who are careless or unaware of the dangers of opening the equipment from doing so and hurting themselves (from electrical shocks, burns or cuts, for example) or damaging the equipment. Sometimes (especially in order to avoid litigation), manufacturers go further and use tamper resistant screws, which cannot be unfastened with standard equipment. Tamper resistant screws are also used on electrical fittings in many public buildings primarily to reduce tampering or vandalism that may cause a danger to others.


Warranties and support

A user who breaks equipment by modifying it in a way not intended by the manufacturer might deny they did it, in order to claim the warranty or (mainly in the case of PCs) call the helpdesk for help in fixing it. Tamper-evident seals may be enough to deal with this. However, they can't easily be checked remotely, and many countries have statutory warranty terms that mean manufacturers may still have to service the equipment. Tamper proof screws will stop most casual users from tampering in the first place.


Security

Tamper-resistant microprocessors are used to store and process private or sensitive information, such as private keys or electronic money credit. To prevent an attacker from retrieving or modifying the information, the chips are designed so that the information is not accessible through external means and can be accessed only by the embedded software, which should contain the appropriate security measures.


Examples of tamper-resistant chips include all secure cryptoprocessors, such as the IBM 4758 and chips used in smartcards, as well as the Clipper chip.


It has been argued that it is very difficult to make simple electronic devices secure against tampering, because numerous attacks are possible, including:

  • physical attack of various forms (microprobing, drills, files, solvents, etc.)
  • freezing the device
  • applying out-of-spec voltages or power surges
  • applying unusual clock signals
  • inducing software errors using radiation
  • measuring the precise time and power requirements of certain operations (see power analysis)

Tamper resistant chips may be designed to zeroise their sensitive data (especially cryptographic keys) if they detect penetration of their security encapsulation or out-of-specification environmental parameters. A chip may even be rated for "cold zeroisation", the ability to zeroise itself even after its power supply has been crippled.


Nevertheless, the fact that an attacker may have the device in his possession for as long as he likes, and perhaps obtain numerous other samples for testing and practice, means that it is practically impossible to totally eliminate tampering by a sufficiently motivated opponent. Because of this, one of the most important elements in protecting a system is overall system design. In particular, tamper resistant systems should "fail gracefully" by ensuring that compromise of one device does not compromise the entire system. In this manner, the attacker can be practically restricted to attacks that cost less than the expected return from compromising a single device (plus, perhaps, a little more for kudos). Since the most sophisticated attacks have been estimated to cost several hundred thousand dollars to carry out, carefully designed systems may be invulnerable in practice.
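The two design points above, zeroisation when tampering is detected and limiting the damage from one compromised device, sketched as an added example that is not part of the original article. It models the logic in Python rather than firmware; the envelope limits, the class and function names, and the HMAC-based per-device key derivation are assumptions chosen for illustration.

```python
import hashlib
import hmac

# Assumed operating envelope (illustrative values, not from any datasheet).
VOLTAGE_RANGE = (2.7, 3.6)    # volts
TEMP_RANGE = (-20.0, 85.0)    # degrees Celsius

def derive_device_key(master_key: bytes, device_id: str) -> bytes:
    """Diversify the master key per device, so one extracted key reveals no other."""
    return hmac.new(master_key, b"device-key|" + device_id.encode(), hashlib.sha256).digest()

class Device:
    """Model of a tamper-responding module holding one diversified key."""

    def __init__(self, device_id: str, key: bytes):
        self.device_id = device_id
        self._key = bytearray(key)   # mutable, so it can be overwritten in place
        self.zeroised = False

    def check_environment(self, volts: float, temp_c: float, mesh_intact: bool) -> None:
        """Zeroise if the enclosure mesh is broken or a reading leaves the envelope."""
        in_spec = (VOLTAGE_RANGE[0] <= volts <= VOLTAGE_RANGE[1]
                   and TEMP_RANGE[0] <= temp_c <= TEMP_RANGE[1])
        if not (mesh_intact and in_spec):
            for i in range(len(self._key)):
                self._key[i] = 0
            self.zeroised = True     # latched: nothing in this model clears it

    def tag(self, message: bytes) -> bytes:
        """Authenticate a message with the device key, unless it has been erased."""
        if self.zeroised:
            raise RuntimeError("key material has been zeroised")
        return hmac.new(bytes(self._key), message, hashlib.sha256).digest()

class Backend:
    """Verifier holding the master key and a per-device revocation list."""

    def __init__(self, master_key: bytes):
        self._master = master_key
        self.revoked = set()

    def verify(self, device_id: str, message: bytes, tag: bytes) -> bool:
        if device_id in self.revoked:
            return False
        expected = hmac.new(derive_device_key(self._master, device_id),
                            message, hashlib.sha256).digest()
        return hmac.compare_digest(expected, tag)
```

Python gives no guarantee that other copies of the key are gone from memory, so this shows only the control flow; in a real module the erase is done by the hardware itself.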


Much public research in this field has been carried out by Dr. Markus Kuhn and Prof. Ross Anderson.


DRM

Tamper resistance finds application in smart cards, set-top boxes and other devices that use digital rights management. In this case the issue is not about stopping the user breaking the equipment or hurting themselves but about either stopping them extracting codes or acquiring and saving the decoded bitstream. This is usually done by having lots of features on each chip and making sure the buses between chips are encrypted.


DRM mechanisms also use certificates and asymmetric key cryptography in many cases. In all such cases, tamper resistance means not allowing the device user access to the valid device certificates or public-private keys of the device. The process of making software robust against tampering attacks is referred to as software anti-tamper.


Nuclear industry

In the design of nuclear reactors, preventing the proliferation of nuclear weapons has become rather important. Making reactors tamper-resistant, as in the SSTAR, has become fairly important. This will probably be achieved through a combination of making it difficult to get at the nuclear material, closely tracking where the reactors are transported and having alarms if attempts at entry are detected (which can then be responded to by the military).


Packaging

Resistance to tampering can be built in or added to packaging. Consider:

  • Extra layers of packaging (no single layer or component is "tamper-proof")
  • packaging which requires tools to enter
  • extra strong and secure packaging
  • packages which cannot be resealed
  • tamper-evident seals and features
  • etc.

Software

Software is also said to be tamper-resistant when it contains measures to make reverse engineering harder, or to prevent a user from modifying it against the manufacturer's wishes (removing a restriction on how it can be used, for example). One commonly used method is code obfuscation.


However, effective tamper resistance in software is much harder than in hardware, as the software environment can be manipulated to near-arbitrary extent by the use of emulation.


If implemented, trusted computing would make software tampering of protected programs at least as difficult as hardware tampering, as the user would have to hack the trust chip to give false certifications in order to bypass remote attestation and sealed storage. However, the current specification makes it clear that the chip is not expected to be tamper-proof against any reasonably sophisticated physical attack[1]; that is, it is not intended to be as secure as a tamper-resistant device.


External links

  • IBM 4758 homepage
  • Tamper Resistance – a Cautionary Note
  • Design Principles for Tamper-Resistant Smartcard Processors
  • Low cost attacks on tamper resistant devices
  • Extracting a 3DES key from an IBM 4758
  • Tamper resistant fastener uses

The Wikipedia article included on this page is licensed under the GFDL.