Presentation is loading. Please wait.

Presentation is loading. Please wait.

Carol Cantlon, B.E. (Chemical Engineering)

Similar presentations


Presentation on theme: "Carol Cantlon, B.E. (Chemical Engineering)"— Presentation transcript:

1 Potential Chemical Attacks on Coatings and Tamper Evident Seal Adhesives
Carol Cantlon, B.E. (Chemical Engineering) EWA-Canada IT Security Evaluation & Test Facility

2 Potential Chemical Attacks
Outline Chemical Security Mechanisms for FIPS Physical Security Tamper Evident Seal Attacks Comparison of Tamper Evident Seals to Pick-Resistant Locks Conformal Coatings and Paints Epoxies Conclusion Recommendations 27 September 2005 Potential Chemical Attacks

3 Potential Chemical Attacks
Chemical Mechanisms Multiple-Chip Embedded At Physical Security Level 2 Bleeding paint or conformal coatings Multiple-Chip Standalone Tamper Evidence at Physical Security Level 2 and Above Tamper evident seals 27 September 2005 Potential Chemical Attacks

4 Chemical Mechanisms Continued
Multiple-Chip Embedded or Multiple-Chip Standalone Security Level 3 Hard opaque coating or potting material 27 September 2005 Potential Chemical Attacks

5 Potential Chemical Attacks
Tamper Evident Seals Tamper Evident Seals are comprised of the following: the paper - with label and/or serial number the adhesive 27 September 2005 Potential Chemical Attacks

6 Potential Chemical Attacks
Adhesive Bond Paper Cover or Door Enclosure Discontinuity Mechanical bond: adhesive of the tamper evident seal flows into microscopic holes of the surface and hardens 27 September 2005 Potential Chemical Attacks

7 Potential Chemical Attacks
Successful Attack Cause adhesive to flow to break bond without damaging paper Tamper evidence is provided by the paper and not the adhesive since adhesive residue can be cleaned from the enclosure and/or cover. Just need to remove seal from one part 27 September 2005 Potential Chemical Attacks

8 Potential Chemical Attacks
Paper Damage Breaks in the paper such as tears, scores or wording; Damage to the holograph; Deformation, e.g. stretching of the paper; Discoloration of the paper; and Dye running – may also stain a hard plastic enclosure 27 September 2005 Potential Chemical Attacks

9 Effective Methods - Solvents
Water Usually not effective since most adhesives do not dissolve in water Methyl Hydrate Dissolves some glues Acetone Effective for acrylic-based adhesives 27 September 2005 Potential Chemical Attacks

10 Effective Methods - Heat
Hair dryer preferred over heat gun Heat gun’s high temperature-low humidity heat may crack the paper. 27 September 2005 Potential Chemical Attacks

11 Potential Chemical Attacks
Heat vs. Solvents Heat does not need to be directly applied to the adhesive. For solvents, difficulty in targeting adhesive since the adhesive is entirely covered by the paper. Plastic, e.g. low density polyethylene, paper or metalicized paper may allow soaking of the seal in the solvent for an attack because not damaged by wetting. 27 September 2005 Potential Chemical Attacks

12 Successful Heat Attack
27 September 2005 Potential Chemical Attacks

13 Potential Chemical Attacks
Why Did It Work? Metallic surface of seal and metal plate both reflected heat: Surface of seal preventing damage Surface of metal plate directing heat to adhesive Metal plate expanded slightly to allow adhesive to flow 27 September 2005 Potential Chemical Attacks

14 Counteracting the Effect of Metal Surfaces
27 September 2005 Potential Chemical Attacks

15 Tamper Evident Seal Feature
Words formed in paper Path of least resistance on pulling of tamper evident seal from surface leaves behind words 27 September 2005 Potential Chemical Attacks

16 Seal Damaged from Solvent
27 September 2005 Potential Chemical Attacks

17 Potential Chemical Attacks
Acid and Base Attacks Not as successful as other mentioned attacks Weak acids (H+) and bases (-OH) are similar to neutral water as a solvents. Strong acids and bases will damage paper and/or surfaces. 27 September 2005 Potential Chemical Attacks

18 Potential Chemical Attacks
Pick-Resistant Locks Superior to tamper evident seals for preventing access Require the use of drills, saws or picks to remove 27 September 2005 Potential Chemical Attacks

19 Locks vs. Tamper Evident Seals
Tamper evident seals are easy to add to off-the-shelf enclosures. Theft of the key for the lock is equivalent to theft of replacement tamper evident seals. Discovery of combination for logical lock – loss of tamper evidence 27 September 2005 Potential Chemical Attacks

20 Adhesives Directly on Covers
Used in the manufacturer of smaller devices, i.e. PCMCIA cards Thin line of adhesive exposed on the side 27 September 2005 Potential Chemical Attacks

21 Potential Chemical Attacks
Use syringe to inject solvent. Freezing attacks may be successful if adhesive becomes brittle and the covers can be separated. Covers may be reattached without showing tamper evidence by applying glue. 27 September 2005 Potential Chemical Attacks

22 Potential Chemical Attacks
Coatings Conformal coatings include acrylics, epoxies, urethanes, parxylenes or silicones. Paints are polymer emulsions. Coatings are similar to adhesives in that they need to adhere to the circuit board. Epoxies can contain a tamper detection mesh. 27 September 2005 Potential Chemical Attacks

23 Potential Chemical Attacks
Polymers Polymers are long chain hydrocarbons which may or may not have other elements such as chlorine, nitrogen, or fluorine as part of each repeating unit or monomer. Polymers, by their nature, are resistant to decomposition. Strong acids or bases may breakdown the polymer, but also may damage circuitry. 27 September 2005 Potential Chemical Attacks

24 Common Cause of Polymer Decomposition
A common cause of polymer decomposition is ultraviolet (UV) light. Free radicals generated by UV light cause monomer bonds to break. UV stabilizers are added to prevent decomposition. Use concentrated UV source to attack conformal coatings? 27 September 2005 Potential Chemical Attacks

25 Potential Chemical Attacks
Epoxy Resins Made from the chemical reaction of two compounds: Bisphenol A-Bis A (or bisphenol F-Bis F- and/or ‘Novolac’) and Epichlorohydrin 27 September 2005 Potential Chemical Attacks

26 Potential Chemical Attacks
Bisphenol A-Bis A Chemical product of one acetone unit O CH2 - C - CH2 with two phenol groups: OH 27 September 2005 Potential Chemical Attacks

27 Potential Chemical Attacks
Solvent for Epoxies Acetone could make a good solvent for epoxies since it is a building block of them. 27 September 2005 Potential Chemical Attacks

28 Potential Chemical Attacks
Conclusion Chemical mechanisms used in physical security have similar properties. 27 September 2005 Potential Chemical Attacks

29 Potential Chemical Attacks
Recommendations Standardization of chemical testing approaches amongst all Cryptographic Module Testing Laboratories while still encouraging laboratory innovation 27 September 2005 Potential Chemical Attacks

30 Recommendations Continued
Encourage the use of multiple layers of physical security mechanisms: Tamper evident seals (provides better tamper evidence) with locks (provides better access prevention) Tamper evidence for enclosure plus epoxy on internal circuitry 27 September 2005 Potential Chemical Attacks


Download ppt "Carol Cantlon, B.E. (Chemical Engineering)"

Similar presentations


Ads by Google