Tamper Protection for Cryptographic Hardware : A survey and analysis of state-of-the-art tamper protection for communication devices handling cryptographic keys

Abstract: This master's thesis was conducted at Sectra Communications AB, where the aim of the thesis was to investigate the state of the art of physical hardware tampering attacks and corresponding protections and mitigations, and finally combining this to a protection model that conforms to the FIPS 140-2 standard. The methods used to investigate and evaluate the different attacks were literature searching, looking for articles presenting different attacks that have been used against real targets, and attacks that there are no records of being attempted on a real target, but are theoretically possible. After this, an attack tree was constructed, which then developed into a flowchart. The flowchart describes and visualizes how the different attacks could take place. A qualitative risk analysis was conducted to be able to evaluate and classify the different attacks. This showed the attacks that would most likely have the greatest impact on a cryptographic communications device if used in an attack on the device, and also which of these attacks one must prioritize to protect the device against. The attacks that were regarded to have the highest impact on a cryptographic communication device were memory freezing attacks, and radiation imprinting attacks. After this, a protection model was developed. This was done by placing protection and mitigation in the attack flowchart, showing how one could stop the different attacks. To then investigate the different protections, an evaluation process was conducted. An evaluation process was conducted to investigate the different protections by comparing their attributes to the requirements of the FIPS 140-2 standard. This evaluation process than resulted in a combined protection model that covers the requirements of the FIPS 140-2 standard. This thesis concludes that there are many different protections available, and to be able to create solutions that protect the intended system one must perform a deep attack vector analysis. Thus, finding the weaknesses, and vulnerabilities one must protect.