[Cryptography] The Crypto Bone's Threat Model

Jerry Leichter leichter at lrw.com
Fri Feb 27 18:07:47 EST 2015


On Feb 27, 2015, at 12:42 PM, Ray Dillinger <bear at sonic.net> wrote:
> ... I'm one of those curmudgeons who misses diskettes with write-protect tabs and wishes hard disks (and solid-state drives) came with write-protect toggle switches.
FYI, full-size SD cards have a write-protect capability.  Most have a little slider on the upper left side (when you are looking at the non-contact side of the card with the cut off corner at upper right).  If the slider is down, leaving a gap, or (for cards intended never to be written again) if there is a cut-out gap in the same position, the card is (supposed to be) write-locked.  (This is essentially identical to the way 5 1/4" floppies worked.)

Note the "supposed to be".  Unfortunately, support for write locking is an optional part of the SD standard.  Devices are free to ignore the lock.  If you want to rely on this feature, you need to choose your SD card reader carefully.  (I have no idea how widespread support for the feature actually is.)

The smaller SD card sizes (mini and micro) completely dropped support for the "write protect notch".  I guess the feeling was that no one cared enough to justify trying to fit this into the much smaller physical form factors.

All sizes support host commands to enable permanent write-locking, and to enable and disable temporary write-locking.  I don't think I've ever come across user-level software that could access these commands, and I don't even know how widely (or correctly) they are implemented.

> ...[T]here's no "signature checking" phase that
> would mean a key has to be built into hardware and that
> users have to trust a single potentially-subvertible source
> for updates.
Nevertheless, a signature checking is a useful thing to have.  It means that even if someone has temporary physical access to the device, they can't update it without also knowing the key.

I'd suggest the following:

1.  The modifiable portion of the device contains a signature key based on a published algorithm.
2.  To change the key, not only do you have to enable the mechanical interlock, but you must provide both the old key and the new key.  (Or perhaps sign the update with the old key.  It would seem these are equivalent, though I'd want to think about it some more.)
3.  All devices are shipped with the same published, initial key.
4.  If you lose the key, there's no way to ever update the device again - though it will continue to operate in its current configuration indefinitely.  (Allowing a "reset to factory state" would allow an attacker to load arbitrary code, which we obviously want to prevent.  Note that you can deliberately turn the device into a ROM by changing the key to a new randomly-chosen one and promptly discarding the new key.)

                                                        -- Jerry






More information about the cryptography mailing list