[Gnuk-users] Binding a private key image to a single MCU/board

[NIIBE Yutaka]

Hello,

Let me rephrase my idea of yesterday.

It would be good to include some board specific bytes or some chip
specific bytes as a part of input to compute data encryption key for
storing private keys, so that it could mitigate a simple attack of
copying the internal flash ROM of MCU.

If I were an attacker, when I (can) copy the data of internal flash
ROM, I would make sure copying specific hardware situation (of pins)
and chip specific bytes (of unique id of MCU or option bytes), too.

I would guess that there are some attackers who are careless enough.

If someone can connect a battery to the board and let it keep the
backup registers (BKP of 20-byte) of MCU, it could be tamper proof
when Gnuk includes BKP values for computation of DEK.
--