19.12.2012 Views

IT Baseline Protection Manual - The Information Warfare Site


Threats Catalogue: Deliberate Acts

T 5.82 Manipulation of a cryptomodule

A perpetrator can attempt to manipulate a cryptomodule in order to read secret codes, alter the codes or even alter vital security parameters. A cryptomodule can be manipulated in various ways, for example it can contain:

- a super password which can get round all other passwords,
- unregistered test modes through which sensitive areas can be accessed at any time,
- Trojan horses, i.e. software which, alongside its actual task, performs actions which cannot be recognised directly, such as recording passwords,
- manipulated access rights to certain commands.

Other examples of such attacks include:

- modifying cryptographic codes,
- impairing the internal code generation, e.g. by manipulating the random number generator,
- modifying the processes within the cryptomodule,
- modifying the source code or the executable code of the cryptomodule,
- exceeding or falling below the permissible range of the cryptomodule's voltage supply, temperature, EMC limits, etc.
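
One defensive check against the random number generator manipulation listed above, as an added example that is not part of the manual: a repetition count test in the style of NIST SP 800-90B, which puts the module into a latched error state when the raw noise output sticks at one value. The function names, the 8-bit sample width and the sample buffers are assumptions made for this illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Repetition Count Test (NIST SP 800-90B, 4.4.1) on raw 8-bit noise samples. */
typedef struct {
    uint8_t  last;    /* most recent sample */
    unsigned run;     /* length of the current run of identical samples */
    unsigned cutoff;  /* run length treated as a failure */
    int      failed;  /* latched until the module is reset */
} rct_state;

/* C = 1 + ceil(20 / H): false-alarm rate 2^-20, H = claimed min-entropy
 * per sample in bits (assumed to be at least 1). */
unsigned rct_cutoff(unsigned h_bits) { return 1 + (20 + h_bits - 1) / h_bits; }

void rct_init(rct_state *s, unsigned h_bits)
{
    s->last = 0; s->run = 0; s->failed = 0;
    s->cutoff = rct_cutoff(h_bits);
}

/* Feed one sample: 0 while healthy, -1 once the test has failed. */
int rct_feed(rct_state *s, uint8_t sample)
{
    if (s->failed)
        return -1;
    if (s->run > 0 && sample == s->last) {
        if (++s->run >= s->cutoff)
            s->failed = 1;
    } else {
        s->last = sample;
        s->run = 1;
    }
    return s->failed ? -1 : 0;
}

/* Index of the sample that tripped the test, or -1 if the buffer passed. */
long rct_scan(rct_state *s, const uint8_t *buf, size_t len)
{
    for (size_t i = 0; i < len; i++)
        if (rct_feed(s, buf[i]) != 0)
            return (long)i;
    return -1;
}

/* Constructed samples: varied output, and output stuck at 0x00. */
const uint8_t healthy[] = {0x3a,0x91,0x91,0x07,0xc4,0x5e,0x5e,0x5e,0x12,0xf0};
const uint8_t stuck[]   = {0x3a,0x91,0x00,0x00,0x00,0x00,0x00,0x00};
```

A stuck-at fault is the only manipulation this test catches; a generator replaced by a predictable but varied sequence passes it.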

When the cryptomodule is manipulated, the perpetrator will usually try to conceal the attack so that the user believes the cryptomodule to be working correctly at first glance, although it is actually in an insecure state. There are, nevertheless, also destructive attacks in which perpetrators consciously resign themselves to destroying the cryptomodule, for example if they wish to obtain information on how the cryptomodule functions or read the cryptographic code.

A perpetrator can attempt to attack the cryptomodule at the user's site or steal it. If the user's site is poorly protected, the manipulation may be performed extremely rapidly and may thereby remain unnoticed for a long time. By stealing cryptomodules, a perpetrator can obtain important information on how a component can most easily be manipulated. The stolen components can be used to obtain sensitive information such as codes, software or knowledge of hardware security mechanisms. However, the stolen component can also be used to fake an authentic cryptomodule.

IT-Baseline Protection Manual: October 2000
