Single post
jump to replies
> Our core observation is that any cheap but coarse HSM technology can be made much more difficult to attack by moving it very quickly.
fucking lmao tches.iacr.org/index.php/TCHES/article/download/9290/8856/7085
2 replies
back to top
@nyanotech interesting idea!
one thing that i didn't see (or missed while skimming the paper) is what they do when you remove power. you need a lot of power to keep rotating your HSM, so batteries are impractical. a conventional mesh can be easily monitored for weeks just from a battery inside the security envelope.
a power down will obviously be visible from the outside. but the attacker might provide some plausible explanation for a power outage while compromising the HSM. also initial deployment of the HSM might open a attack window while it is transported to the final datacenter in powered down state.
@electronic_eel iunno, i feel like if you make the spinny bits small enough, you could probably fit a large amount of runtime in like, a rackmount chassis