
Envelope penetration detection


joaomartins

Electrical
Jul 25, 2003
Hi,

I have one PCB with electronics that I want to protect from outside world probing! I use one flat for the interface.

I am considering the use of a sheet to enclose the PCB.
It would be great to measure the resistance of the tin sheet, and if some hole is made in it this resistance measurement should be different in order to trigger some action.

Any idea on how to measure this correctly!?

Please note that this must be working under all circumstances, so probably whatever design idea is brought up must work properly powered by a lithium battery.

Thanks 2 All
 

How about a sealed box with positive pressure? An absolute pressure sensor could monitor it. Another option is to epoxy a circuit board on the inside of the case with a line pattern etched on it. Then you just detect a break in the circuit. Protection schemes are almost always a waste of effort. I worked with an owner who went through all sorts of efforts to protect designs I would be ashamed to show to someone. Hey, maybe that's why he did it.
 
Why not simply pot the darned thing?

Any external scheme can be defeated within 2 or 3 copies. A potted circuit board, particularly if critical jumpers or parts are near the outside, cannot be readily penetrated without destroying the functionality of the overall circuitry.

There are basically only two ways of penetrating potting material: mechanical grinding, or solvents or etching. You can make parts of the circuit more susceptible to those types of actions, so that any attempt would cause destruction of the sacrificial components or non-functionality of the overall circuit.

Additionally, this approach requires no power at all and is not subject to false alarms.

TTFN
 
Thanks for your answers.

1) Both talk about EPOXY. This is nice but I have seen EPOXY being removed without damaging the board!

How can I really make a part susceptible to etching!?

2) "How about a sealed box with positive pressure"
The box cannot be completely sealed because I need to make connections with the outside. Even using a flat I think the pressure can change with time!
 
As I mentioned, if you are that paranoid, you'll need to design parts of the circuit itself that can be readily damaged by the de-potting process. For example, if the circuit card itself were made out of the potting material, it could make it extremely difficult to properly reverse-engineer the circuit. Alternately, you can place major portions of the circuit within an EPLD that cannot be directly read out.

Ultimately, you should be clear that there are very few circuits worth protecting this way and that given sufficient cause, any means of protection can be defeated.

TTFN
 
Place bare die devices instead of packaged parts....
 
I believe I was unable to explain my problem correctly.
What I need is something to protect SRAM critical data, not to protect against reverse engineering!
Basically I need to know when a penetration happens and then short the VCC-GND SRAM pins.

"For example, if the circuit card itself were made out of the potting material," - What potting material were you thinking?

"Place bare die devices instead of packaged parts...."
Hard to find and very expensive...

From what I have read from all of you it seems that the best is to use EPOXY covering a black box. This black box will have the PCB (with the SRAM data) covered by some special membrane with lots of tiny conductors that are easily broken when someone tries to remove the EPOXY by any means!
The problem: where to find this special membrane!!!!???

I am also considering Flex circuits and then extend the PCB to make one envelope around itself! But I really do not know if this will be sufficiently damaged!

Any news!

Thanks 2 all

 
But you haven't really indicated what level of determination you expect the intruder to have. If you think that an intruder will probe an SRAM and figure out something from that, it implies a high level of determination.

If you're concerned about casual intruders, simply erase or otherwise remove the part numbers from the parts on the board. Use FPGAs with internal RAM to hide the data. Use ball grid array packages to hide the I/O pins. Encrypt the data.

The medium level intrusion protection is potting the board.

The high level is all of the above plus hybridization of components, using flip-chip mounting of bare die.

The options are endless. You need to explain clearly why you think it's necessary to hide your data and how much you're willing to pay and how much you think the intruder is willing to pay.

TTFN
 
I use DS5002 from Dallas which has BUS encryption.
In the SRAM there are security KEYS that I must protect.
Even encrypted with some effort it can be broken.
The idea of using some special enclosure is at least to increase the time for the attack as much as possible.

About the money that I can use: About 50€ at most for this special enclosing!
 
Given these constraints:
> pot the board
> remove part numbers from parts
> try to use FPGA embedded SRAM to store keys
> use secondary PCB as top layer interconnect and as cover for QFP leads on processor and other parts, e.g., have pcb ~0.1" thick with one or two layers of interconnect and ground plane that is soldered/mounted over top of populated pcb.
> use the two layers in the cover PCB as capacitors to monitor for intrusion by change in capacitance
> use BGA wherever possible
> bury traces wherever possible


TTFN
 
Could also put dummy parts on board to make it more difficult to determine functionality.

TTFN
 
A company copied a logic board's layout, bought ICs and built a few hundred, hoping that they could sell at least part of them which worked. Not one single one was working...

Just before they ran out of money, they found out the company had mis-marked a custom IC with the number of a standard off-the-shelf TTL IC...

<nbucska@pcperipherals.com>
 
Or if you are that paranoid about this, provide an on-site representative with the box.
 
Another quite simple way of making it just a little bit harder is to mix up all the address and data lines going to your RAM.
 
First thanks for all comments/suggestions

Warpspeed:
Nice idea but I have the problem that the SRAM will hold DATA as well as CODE! This means that I cannot change data lines and I must be careful with address line changes.
Even if I change some address lines it is not relevant because it is just a question of probing the RAM. Nevertheless I have marked your post because if the RAM was only for DATA it would be a very good idea.

Melone:
Sorry but I am not understanding what you mean with "...an on-site representative with the box...." Probably it is because of my weak English. If you could state it another way...

nbucska:
I hope it was not your company:) As I say my problem is not design protection but rather internal data protection.

IRstuff:
Dummy parts are not relevant because any attacker will go directly to SRAM! Unless I put 1000 SRAMs:)
"...try to use FPGA embedded SRAM to store keys.." Nice but I still have to connect it to the uC so...

All the ideas are good. The idea of measuring a capacitor is cool but I have some doubts whether I will always get the same capacitance for each product and whether the change is relevant for a small hole! Nevertheless this could be a means of preventing PCB disassembly to get to internal traces/protection mask. Of course this PCB CAP measurement circuit must be always active (battery powered!) and must give one digital signal for ok/attack!


 
If the circuit is not powered up, then there is nothing to probe.

The capacitance would be based on the thickness of the cover and can be controlled reasonably well, and or be laser trimmed for tighter tolerances. This prevents the attacker from altering the circuit configuration of the cover, as that would change the overall capacitance.

You seem to want a lot of protection for very little money. You might also wish to review the protection of the processor itself for what is accomplishable within the processor that you can readily duplicate. Presumably, Dallas Semi has app notes on how to protect the external data. It would be rather foolish to provide such protection on the processor and yet leave vulnerable bits of data lying around.

After all these posts, I've yet to get a clear idea from you what the expected attack looks like. This should be the primary requirement: defining the attack scenario and the methodologies employed. If you do not have this explicitly defined, you get what you've gotten so far, a bunch of random ideas without any notion of what the true attack looks like.

Additionally, once you define the scenario, you need to identify the probability of occurrence and the potential downside. Only then can you correctly establish what the allowable cost of protection is and whether your budget is at all realistic.




TTFN
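joaomartins asks above for a capacitance (or mesh resistance) measurement circuit that is always active on battery power and gives one digital ok/attack signal, and IRstuff notes that the per-unit value can be controlled or trimmed. The block below is an added example written for this page, not code from the thread or from any of its posters. It assumes the sense value (envelope resistance or cover-PCB capacitance) arrives as an integer ADC reading; the type `tamper_monitor_t`, the functions `mesh_baseline`, `tamper_init`, `tamper_update`, `key_zeroize`, `key_is_zero`, `run_monitor`, `demo_scenario` and `demo_key_cleared`, and all numeric values are constructed for illustration. The monitor records a per-unit baseline at production (so unit-to-unit spread in the capacitance does not matter), debounces short noise glitches, latches the alarm so that re-closing the mesh does not clear it, and overwrites the key buffer when it trips.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <stdio.h>

/* Hypothetical envelope monitor (added example, not from the thread).
 * The "sense value" is whatever the hardware gives: an ADC reading of the
 * mesh/envelope resistance, or of the cover-PCB capacitance. */
typedef struct {
    int32_t baseline;    /* this unit's value recorded at production */
    int32_t tolerance;   /* allowed drift before a sample counts as suspicious */
    int required;        /* consecutive suspicious samples needed (debounce) */
    int consecutive;     /* suspicious samples seen in a row so far */
    int tampered;        /* latched: once set it is never cleared */
} tamper_monitor_t;

/* Mean of the production-time samples becomes this unit's baseline. */
int32_t mesh_baseline(const int32_t *samples, size_t n)
{
    int64_t sum = 0;
    for (size_t i = 0; i < n; i++) sum += samples[i];
    return n ? (int32_t)(sum / (int64_t)n) : 0;
}

void tamper_init(tamper_monitor_t *m, int32_t baseline, int32_t tolerance, int required)
{
    memset(m, 0, sizeof *m);
    m->baseline = baseline;
    m->tolerance = tolerance;
    m->required = required > 0 ? required : 1;
}

/* Feed one sample; returns 1 once the monitor has latched "tampered".
 * A cut mesh (value rises) and a bridged mesh (value falls) are both out of band. */
int tamper_update(tamper_monitor_t *m, int32_t sample)
{
    if (m->tampered) return 1;
    int32_t dev = sample - m->baseline;
    if (dev < 0) dev = -dev;
    if (dev > m->tolerance) {
        if (++m->consecutive >= m->required) m->tampered = 1;
    } else {
        m->consecutive = 0;      /* an isolated glitch does not accumulate */
    }
    return m->tampered;
}

/* Overwrite key material through a volatile pointer so the compiler cannot
 * drop the stores as dead writes. */
void key_zeroize(uint8_t *key, size_t len)
{
    volatile uint8_t *p = key;
    for (size_t i = 0; i < len; i++) p[i] = 0;
}

int key_is_zero(const uint8_t *key, size_t len)
{
    uint8_t acc = 0;
    for (size_t i = 0; i < len; i++) acc |= key[i];
    return acc == 0;
}

/* Run the monitor over a sample stream; on tamper, zeroize the key and return
 * the index of the sample that tripped it. Returns -1 if the stream stayed in band. */
int run_monitor(tamper_monitor_t *m, const int32_t *samples, size_t n,
                uint8_t *key, size_t keylen)
{
    for (size_t i = 0; i < n; i++) {
        if (tamper_update(m, samples[i])) {
            key_zeroize(key, keylen);
            return (int)i;
        }
    }
    return -1;
}

/* Constructed scenario: normal readings, one noise glitch, then a sustained
 * deviation as if the envelope had been cut. Returns the tripping sample index
 * and reports whether the key buffer was cleared. */
int demo_scenario(int *key_cleared)
{
    static const int32_t production[] = { 1000, 1002, 998, 1001 };       /* constructed */
    static const int32_t field[] = { 1003, 997, 1100, 1001, 1200, 1210, 1195, 1205 };
    uint8_t key[16];
    memset(key, 0xA5, sizeof key);      /* stand-in for real key material */

    tamper_monitor_t m;
    tamper_init(&m, mesh_baseline(production, 4), 50, 3);
    int idx = run_monitor(&m, field, sizeof field / sizeof field[0], key, sizeof key);
    if (key_cleared) *key_cleared = key_is_zero(key, sizeof key);
    return idx;
}

int demo_key_cleared(void)
{
    int cleared = 0;
    demo_scenario(&cleared);
    return cleared;
}

int main(void)
{
    int cleared = 0;
    int idx = demo_scenario(&cleared);
    printf("tamper latched at sample %d, key cleared: %s\n", idx, cleared ? "yes" : "no");
    return 0;
}
```

In the constructed stream the single reading of 1100 is discarded as a glitch because the next sample is back in band, while the run of readings around 1200 trips the latch on its third sample. The caveat the thread raises still applies: the tolerance band must be wide enough to cover temperature drift and ageing of the cover yet narrow enough that a small hole or a bridging resistor moves the reading out of band, and the loop only protects while it is running, so the sampling must stay alive on the battery.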
 
It seems to me that he has external memory that stores security codes or sensitive data and the concern is that these codes or data could be read out. I would think the best protection is for the processor to encode the data going into memory. Each processor would be programmed with a different key so this data couldn't be loaded into a like machine and the data used. This would be effective because most processors have a pretty good protect mode for the program. Even site specific programs could use this translator method. Like the STAMP that you load their "basic" into. Only cost is added memory and slower running.
 
The processor in question uses encrypted instructions and is specifically designed for this application.

TTFN
 
Again thanks for your comments:

The uP DS5002 does BUS encryption and the CODE and DATA store are encrypted. And yes, different boards will have different encryption keys on the uC.

I need a PCB board that can run security algorithms and keep security keys inside.
This can be used for instance for PC secure communications across internet for individuals as well as for companies.
let me call it (no name yet) secBoard.

On the secBoard there will be session keys as well as master keys and it is meant to work for 10 years (the usual figure, although I do not know why it is always this number:) )

The DS5002 is not the TOP security! It is a nice uC but can be broken. It is not easy and not everyone can do it of course.

Security is more a matter of trust. Every system might be broken someday and of course when I say 10 years I must take this in consideration!

Typically when designing security hardware we must think like the comment from IRstuff and we have to look for the security criteria to follow.

From my research on the internet and from what I have heard here I come to the following conclusions:
1) Software is extremely important!
2) EPOXY with special characteristics is very good for tamper detection and attack delay
3) Envelope detection is "the cool feature:)"


Why is it important to make the attack longer!? Well, because if one secBoard disappears or has tamper attack evidence then the master key must be changed as quickly as possible! Keeping the session keys changing often will prevent recorded messages from being broken!

"If the circuit is not powered up, then there is nothing to probe." Remember that if there is no protection on power off, someone can get to the PCB and break the protection! Then it is easy to turn off the power!

"You seem to want a lot of protection for very little money."
:)) Yes, but that is the life of someone that wants to do something:) If I was IBM probably any security product less than 10000€ would be considered very strange:)

So in conclusion I am looking for "nice" solutions.
For the envelope I haven't found anything!
Also I do not know if it is very feasible to disassemble one PCB to reach the inner tracks!?

One cool solution can be tilt sensors but this must be used carefully or else.....
 
The bottom line here is that anything that you or anyone here can come up with can be broken given enough time and money.

It is completely irrelevant how &quot;nice&quot; or &quot;cool&quot; a solution is if the upside is worth the effort.

Your tilt sensor can only be applicable during operation, since there are plenty of valid reasons for moving equipment. Tilt sensing during operation is irrelevant, since there may be no reason to tilt the equipment during an attack.

TTFN
 