[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: The security characteristics of crypto modules with secrets

   The advantage of a secure crypto module on an insecure server (or
   router or whatever) is in limiting the scope of successful attack. 

Just to expand on this, the scope is limited in _time_, not space.
That's, when you pull out the module (literally or figuratively), the
attack is known to be over -- and don't plug it back into a machine of
unknown state.

   The main important
   difference between this attack and just learning the server's secret
   is that it only remains useful as long as the attack is undiscovered.

Yes.  Typically, once the attack is discovered, the method used in the
attack is also discovered.  The particular hole is then patched.  The
system can now be put back online without fear of immediate