Hacker News new | past | comments | ask | show | jobs | submit login

Does the Titan M not store data in some physical medium? As far as I know, there isn't any way to prevent a truly dedicated and resourceful attacker from reading data that exists physically. The only constraints are money and time. A chip that e.g. self-destructed on detecting signs of tamper would be harder to break, but if the data exists physically, it must be recoverable in some way, no?



Bingo! Money and time. When you're going against an adversary with massive amounts of both, all bets are off. Physical access means eventual compromise.


Shouldn't a strong symmetric encryption with a long key prove to be safe enough as to not be crackable in a reasonable amount of time (~10 years), even if the hardware is directly accessible ?


Probably, at least in practice if no critical components in the chain fail due to bugs/exploits and are as secure as intended (excluding the metaphorical "hammer VS fingers" attack).

I think the difference here between you and the poster you replied to is that you're probably correct given certain assumptions but the earlier post also remains correct in a conceptual or theoretical sense, like pure information/security theory


Yes, but long keys are unwieldy. There's a comment I made in this thread[1] that calculates how long of a password you need for 128 bits of entropy.

[1] https://news.ycombinator.com/item?id=25358206


I don't know why you were voted dead for asking a question. I vouched for your comment.


I don't know why you were voted dead for asking a question.

That's a new account (name in green). I think they start out dead. I think one or more comments need to be voted up and then the account becomes not dead (alive?).


The trick for this case is a very long key, 1mb of more, try to recover all of them, you can lose about 60 bits, but not much more. What is the speed of extraction? You only need to delay it for a couple of decades.


Yeah some higher end security chips have passive mechanisms that make the microstructures more delicate and harder to reach and therefore harder to physically read. This is on top of active mechanisms that try constrain operation to well defined range of temperatures, voltage and power conditions to prevent brown out and booby traps that trigger effacement.

You have to disclose a lot of info during the cert process though so I don't think this is too much of a hurdle for big players like the NSA.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: