In the field of computer security, system hardware is said to be tamper-resistant if it is difficult to modify or subvert, even for an assailant who has physical access to the system. A common form of tamper-resistance is a device or sub-system which contains information which is difficult to extract even with direct physical access. Tamper resistance finds application in smart cards, set-top boxes and other devices that use digital restrictions management.

It has been argued that it is very difficult to make simple electronic devices secure against tampering, because numerous attacks are possible, including :

• physical attack of various forms (drills, files, solvents, etc)
• freezing the device
• applying out-of-spec voltages or power surges
• applying unusual clock signals
• inducing software errors using radiation
• measuring the precise time and power requirements of certain operations (see power analysis)

IBM has, however, challenged this argument by developing the 4758 secure cryptoprocessor, which includes defences against numerous mechanical, chemical, electrical, and radiological attacks. Despite some hiccups, it appears possible that such systems could be impenetrable to adversaries with limited time or resources. In practice, this may be sufficient under many circumstances.

References

• Sean Smith & Steve Weingart, Building a High-Performance, Programmable Secure Coprocessor (http://www.research.ibm.com/secure_systems/papers/arch.pdf), Computer Networks 31, pp. 831--860 (1999)

See also

• Tamper-evident devices
• FIPS 140-2
• Zeroise

External links

• IBM 4758 homepage (http://www-3.ibm.com/security/cryptocards/html/overhardware.shtml)
• Tamper Resistance - a Cautionary Note (http://www.cl.cam.ac.uk/users/rja14/tamper.html)
• Low cost attacks on tamper resistant devices (http://www.cl.cam.ac.uk/~mgk25/tamper2.pdf)
• Extracting a 3DES key from an IBM 4758 (http://www.cl.cam.ac.uk/~rnc1/descrack/)