R. Anderson and M. Kuhn. Tamper resistance ¯ a cautionary note. In The Second USENIX Workshop on Electronic Commerce Proceedings, pages 111, Oakland, California, November 1996.  Home/Search   Document Not in Database   Summary   Related Articles   Check

.... of a tamper proof module in the real world is diOEcult; nevertheless, there are many applications that rely on them (e.g. payphones, debit cards, or SIM cards for GSM) Given suOEcient time and resources, it becomes very probable that an attacker can violate the protection of such a module [1]. We believe that the actual realization of the presented TPE with reasonably strong guarantees in realworld settings is also quite diOEcult, but nonetheless feasible. Especially, since we only require the detection of tampering for most envisioned applications. We imagine the TPE as a regular ....

....protected with a special hardware that can eoeectively be sealed to detect tampering, is under continuous video surveillance similar to the systems used to supervise ATMs, and is subject to challenge inspections by the TM or an independent appraisal and inspection organization. As explained in [1], such an installation is conceivable and can even resist massive attacks. A thorough analysis of the remaining risks has to be undertaken, but this is not within the scope of this presentation. 4.5 Related work The idea to use trusted hardware to ensure a certain behaviour of a system, that was ....

R. Anderson and M. Kuhn. Tamper resistance ¯ a cautionary note. In The Second USENIX Workshop on Electronic Commerce Proceedings, pages 111, Oakland, California, November 1996.

.... a tamper proof module in the real world is extremely dif cult, nevertheless, there are many applications that rely on them (e.g. payphones, debit cards, or SIM cards for GSM) Given suOEcient time and resources, it becomes very probable that an attacker can violate the protection of the module [1]. Therefore, a tamper proof module should not protect information that is more valuable than the estimated cost 5 for breaking its protection. For the remainder of this presentation, we make the explicit assumption that the investment necessary to break our system is much greater than the ....

R. Anderson and M. Kuhn. Tamper resistance ¯ a cautionary note. In The Second USENIX Workshop on Electronic Commerce Proceedings, pages 111, Oakland, California, November 1996.

.... a tamper proof module in the real world is extremely diOEcult, nevertheless, there are many applications that rely on them (e.g. payphones, debit cards, or SIM cards for GSM) Given suOEcient time and resources, it becomes very probable that an attacker can violate the protection of the module [1]. Therefore, a tamper proof module should not protect information that is more valuable than the estimated cost 6 for breaking its protection. For the remainder of this presentation, we make the explicit assumption that the investment necessary to break our system is much greater than the ....

....is under continuous video surveillance, and subject to challenge inspections by an independent organization (such as the T#V 9 ) Since a telecommunication provider does only need a small number of these installations, we consider the cost for its realization quite realistic. As explained in [1], such an installation is conceivable and can even resist massive attacks. Again, a thorough analysis of the remaining risks has to be undertaken, but this is not within the scope of this presentation. Another problem exists with legislation that requires access to the information we try to ....

R. Anderson and M. Kuhn. Tamper resistance ¯ a cautionary note. In The Second USENIX Workshop on Electronic Commerce Proceedings, pages 111, Oakland, California, November 1996.

.... of a tamper proof module in the real world is diOEcult; nevertheless, there are many applications that rely on them (e.g. payphones, debit cards, or SIM cards for GSM) Given suOEcient time and resources, it becomes very probable that an attacker can violate the protection of such a module [1]. We believe that the actual realization of the presented TPE with reasonably strong guarantees in realworld settings is also quite diOEcult, but nonetheless feasible. Especially, since we only require the detection of tampering for most envisioned applications. We imagine the TPE as a regular ....

....protected with a special hardware that can eoeectively be sealed to detect tampering, is under continuous video surveillance similar to the systems used to supervise ATMs, and is subject to challenge inspections by the TM or an independent appraisal and inspection organization. As explained in [1], such an installation is conceivable and can even resist massive attacks. A thorough analysis of the remaining risks has to be undertaken, but this is not within the scope of this presentation. 5 Usage of the TPE to guarantee an agent s itinerary The CryPO protocol and the TPE described above ....

R. Anderson and M. Kuhn. Tamper resistance ¯ a cautionary note. In The Second USENIX Workshop on Electronic Commerce Proceedings, pages 111, Oakland, California, November 1996.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC