Today, to exclude theft of cryptographic keys by espionage methods, they are placed in so-called hardware protected modules. They are a container, inside the walls of which, with a micrometer pitch, a network of live wires filled with resin is laid. It does not react to impacts and falls, but it's worth punching the outer shell and getting to the network, like a chain break or a short circuit. The sensors will automatically command to erase the keys on the board inside the module – the cracker will not get anything.
The technology is simple, but it has plenty of minuses, and most are reduced to dependence on an external power source. If you disable it and try to bypass the protection system, the information inside the container is automatically erased. But the same will happen with a banal wire break or damage to the battery itself, for example, during an earthquake or a fire. And if you transport the module with the battery at low temperatures, it will be discharged faster than the valuable cargo will reach its destination.
The Fraunhofer Institute (Germany) offered a new version of the hardware-protected module – a non-volatile B-Trepid. The idea is not to check permanently the parameters of the electrical envelope of the container, but to read them when accessing the keys. To do this, the same grid of wires is created, but with an individual architecture and, as a consequence, unique capacitance parameters. At the first connection this parameter is written into the memory of the checking block, and if then the container is damaged, upon activation the check will reveal it and give the command to erase the key. The rest of the time the system is de-energized and is safe.
German engineers say they have learned to make containers with a unique “electrical signature” that can not be copied and reproduced. The container itself is the key, and if using it to encrypt the protected cryptographic data, it will be pointless to break the module itself. Even a hole with a diameter of 0.3 mm already breaks its structure and disables everything – a potential thief will have to act extremely delicately.js.src = “&version=v2.8”; 'script', 'facebook-jssdk'));