English
Industry Expert Blogs
|
How Random is Random? Part 4 - TRNGs - Endless Methods of AttacksElliptic's Blog - David A. Jones, Senior Field Engineer, Elliptic TechnologiesMay. 21, 2015 |
How can the attacker influence the entropy of the device? There are endless methods of attack, let's be creative. Hair dryer anyone? Heat, Cold, EMF, targeted frequency generators, water, liquid hydrogen, liquid co2, drill, dremil and professional tools. I know this borders on the ridiculous but if you flip it around, the attacker is going to use anything and everything at their disposal. But why? What is the motivation? If there is a valuable eco-system, and a black market, like there was for smart cards. Then the Atmega-emulators of smart cards market will have value also. These black market eco-systems have huge dollar value in the market. So they don't mind spending a 1 million dollars or more for a professional tool to read or break the fabric of the device in order to get the memory locations of the keys and assets of the device. Device cloning is a huge market and in some cases have been more successful than the authentic paid for eco-system. This has certainly occurred frequently in the conditional access market and DRM markets too.
