Degree of Security
Secure cryptoprocessors, while useful, are not invulnerable to attack, particularly for well-equipped and determined opponents (e.g. a government intelligence agency) who are willing to expend massive resources on the project.
One attack on a secure cryptoprocessor targeted the IBM 4758. A team at the University of Cambridge reported the successful extraction of secret information from an IBM 4758, using a combination of mathematics, and special-purpose codebreaking hardware.
While the vulnerability they exploited was a flaw in the software loaded on the 4758, and not the architecture of the 4758 itself, their attack serves as a reminder that a security system is only as secure as its weakest link: the strong link of the 4758 hardware was rendered useless by flaws in the design and specification of the software loaded on it.
Smartcards are significantly more vulnerable, as they are more open to physical attack.
In the case of full disk encryption applications, especially when implemented without a boot PIN, a cryptoprocessor would not be secure against a cold boot attack if data remanence could be exploited to dump memory contents after the operating system has retrieved the cryptographic keys from its TPM.
Some secure cryptoprocessors contain dual processor cores and generate inaccessible encryption keys when needed so that even if the circuitry is reverse engineered, it will not reveal any keys that are necessary to securely decrypt software booted from encrypted flash memory or communicated between cores.
The first single-chip cryptoprocessor design was for copy protection of personal computer software (see US Patent 4,168,396, Sept 18, 1979) and was inspired by Bill Gates' Open Letter to Hobbyists.
Read more about this topic: Secure Cryptoprocessor
Famous quotes containing the words degree of, degree and/or security:
“When the world was half a thousand years younger all events had much sharper outlines than now. The distance between sadness and joy, between good and bad fortune, seemed to be much greater than for us; every experience had that degree of directness and absoluteness which joy and sadness still have in the mind of a child”
—Johan Huizinga (1872–1945)
“Need I explain to the inhabitants of England, for whom I chiefly write, how extreme are those sufferings, and how great the costliness of that old age which is unable in any degree to supply its own wants? Such old age should not, we Britannulists maintain, be allowed to be.”
—Anthony Trollope (1815–1882)
“Our security depends on the Allied Powers winning against aggressors. The Axis Powers intend to destroy democracy, it is anathema to them. We cannot provide that aid if the public are against it; therefore, it is our responsibility to persuade the public that aid to the victims of aggression is aid to American security. I expect the members of my administration to take every opportunity to speak to this issue wherever they are invited to address public forums in the weeks ahead.”
—Franklin D. Roosevelt (1882–1945)