The December 2022 issue of IEEE Spectrum is here!

Close bar

The Unhackable Envelope

Engineers in Germany have come up with a security enclosure that needs no battery and can’t be penetrated without wiping its data

3 min read
This image shows the unfolded envelope before it is wrapped around a hardware security module.
Photo: Fraunhofer AISEC 

In a high-security computer center, there’s one machine that’s nearly impossible to break into. The systems that store and serve up cryptographic keys are physically protected from even the kinds of subtle attacks that belong in spy movies: X-rays, drill bits a fraction of a millimeter wide, electromagnetic snooping.

These so-called hardware security modules (HSMs) are protected by a battery-powered mesh of micrometer-scale wires embedded in special resin, and they store cryptographic keys in volatile memory that is automatically wiped if the mesh experiences even a minute amount of damage. The tiniest drill bit, for example, will result in open circuits, short circuits, or other changes in resistance that the system instantly detects.

It’s hard to say if anyone has ever succeeded in penetrating an HSM, because it’s not the sort of thing that companies crow about. But engineers from three institutions in Munich think they can do better. In particular, they see potential problems with the reliance on a battery and the memory system.

In today’s HSMs, a resistance-changing penetration “destroys any secret material stored inside the circuitry,” explains Georg Sigl, director of the Fraunhofer Institute for Applied and Integrated Security (AISEC) and chair of security in information technology at Technische Universität München. However, when the battery attached to the HSM dies, “everything inside is destroyed as well. The lifetime of the system is determined by the battery life time, and that includes storage time.”

This dependence on the battery also limits what kinds of environments the system can survive on its way to being plugged into a secure computer center. If it gets too cold during transport, the battery could die, or its environmental surveillance circuits could trip. The system would then destroy its cryptographic keys, which are installed before the HSM is sealed, and the system would essentially be dead on arrival.

The requirement of a stable environment “also limits applications to fixed mountings in stable environments,” says Matthias Hiller, head of the physical security group at AISEC. “You can’t use it in moving vehicles or on a person.”

A diagram of the Host system enclosed with envelope with labelsImpregnable: B-Trepid’s electrode layers (Rx and Tx) create a unique capacitive signature used to encrypt data on the system within.Illustration: Fraunhofer AISEC

Their solution, called B-Trepid, replaces the stored key with one that is generated by the structure of the envelope itself. Instead of relying on resistances in the envelope’s mesh, B-Trepid calculates the capacitances between the mesh’s wires. These femtofarad capacitances vary from envelope to envelope in unpredictable ways, so that each envelope has a unique electrical signature. This signature is impossible to reproduce in practice, so it counts as what’s called a physical unclonable function—characteristics unique to each item that can act as a cryptographic key.

When B-Trepid is attached to its computer network and turned on, the external mesh generates a unique key that is used to encrypt all the data within the system. When it’s off, there’s no key and therefore nothing to steal. So there’s no need for a battery. And if the envelope is penetrated, which Sigl’s team did using a 0.3-millimeter drill, its capacitances shift. This alters the physical unclonable function (PUF), automatically rendering any data within the system unreadable.

“We currently have prototypes, and the concept works,” says Sigl. “We now must develop serious production capabilities for the [envelope] and improve integration into systems.”

The Fraunhofer team, including Vincent Immler, Johannes Obermaier, and Jan Koenig, presented the system this week at the IEEE International Symposium on Hardware Oriented Security and Trust, in Washington, D.C.

The Conversation (0)

Why Functional Programming Should Be the Future of Software Development

It’s hard to learn, but your code will produce fewer nasty surprises

11 min read
A plate of spaghetti made from code
Shira Inbar

You’d expectthe longest and most costly phase in the lifecycle of a software product to be the initial development of the system, when all those great features are first imagined and then created. In fact, the hardest part comes later, during the maintenance phase. That’s when programmers pay the price for the shortcuts they took during development.

So why did they take shortcuts? Maybe they didn’t realize that they were cutting any corners. Only when their code was deployed and exercised by a lot of users did its hidden flaws come to light. And maybe the developers were rushed. Time-to-market pressures would almost guarantee that their software will contain more bugs than it would otherwise.

Keep Reading ↓Show less