minor updates

This commit is contained in:
Anton Livaja 2024-11-27 15:46:34 -05:00
parent 435f833387
commit 9c33166409
Signed by: anton
GPG Key ID: 44A86CFF1FDF0E85
1 changed files with 16 additions and 14 deletions

View File

@ -30,17 +30,19 @@ One of the most reliable methods for ensuring tamper evidence relies on the rand
There are no known attacks for this type of tamper proofing method when executed properly. The main sources of risk stem from consistent and repeatable photography and comparison of photographs to ensure that any changes can be detected.
If photographs are not cryptographically signed, they can also be manipulated and/or replaced which could result in the compromise of the system as well.
The reason this method is effective is because unlike with many other methods that tamper proof a specific part of an object, such as applying glitter to screws which leaves device ports exposed, or using cryptographic signing to verify the hardware has not been modified, still leaving the door to physical modifications, vacuum sealing with colored filler encases the entire object in a tamper evident manner.
### Adequate Filler
To achieve the best level of randomness and difficulty of reproducing the arrangement of filler in a vacuum sealed bag, a variety of beads of different sizes and color should be used.
To achieve the best level of randomness and difficulty of reproducing the arrangement of filler in a vacuum sealed bag, a variety of beads of different sizes and color should be used. They may be made of different materials as well.
### Additional Considerations
* This strategy may be layered, for example if one chooses to apply it to a hardware token, the sealed hardware token can be placed inside of a bigger bag, along with a laptop.
* A similar method can be used but with a bin that the object is placed into. The main disadvantage here is that this type of tamper proofing is not resistant to seismic activity, air movement, or other sourced of vibration which could shift filler around.
* A similar method can be used but with a bin filled with filler that the object is placed into. The main disadvantage here is that this type of tamper proofing is not resistant to seismic activity, air movement, or other sourced of vibration which could shift filler around.
### Procedure