
> $200 dollar phones likely aren't rolling their own HSMs. It'll probably be one of a few made by big Co.s like Google, Samsung, Qualcomm, etc. I expect it'll be about as hard as getting them off $2000 dollar phones.

HSMs often misbehave or leak data when operated out of spec, as when the OEM's cheap logic board has voltage drop. Moreover, using the same piece of hardware across a hundred million devices is its own vulnerability, because then that's the one everyone is focused on breaking, and when anyone succeeds now they can extract the keys from a hundred million devices.

> Even if it's possible, that too will be a cat and mouse game which won't work for long.

The nature of it is to be physical hardware, so vulnerabilities commonly require the hardware to be replaced. Now you've got an active vulnerability for the lifetime of that hardware, which is typically at least 3 years. Meanwhile they find new ones every year.

Preventing this may not even be physically possible. The key has to be inside the device and the attacker has physical control over the device. Even if the equipment needed to extract it is expensive, the device itself can't be if you expect everyone to have one, so someone with that equipment makes a business out of extracting keys and selling them over the internet.

> now with the commonality of TPMs and HSMs it's here to stay.

Nothing lasts forever. Especially if you make a good show of burning it to the ground.

Aren't HSMs built to fail closed? Surely the designers would have added some protection mechanism that shuts down/resets the module when it encounters anomalous voltage inputs. Or is the attack surface simply too wide for that to be feasible?
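The out-of-spec behaviour the first commenter describes and the fail-closed question in the second can be made concrete with a small simulation. What follows is an added example written for this page, not code from any poster or from any real secure-element firmware: it models a glitch as a single corrupted register read (stuck at zero, stuck at all ones, or one flipped bit) and compares a naive boolean PIN check against one that uses redundant, widely separated sentinel values and fails closed on any inconsistency. The PIN values, the fault model and every function name are assumptions.

```c
/* Added example (not from the thread): single-fault simulation of a PIN
 * check, comparing a naive boolean decision with a glitch-hardened one.
 * Fault model, PIN values and names are all assumptions. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample data: stored PIN and an attacker's wrong guess. */
static const uint8_t STORED_PIN[4] = {1, 2, 3, 4};
static const uint8_t WRONG_PIN[4]  = {0, 0, 0, 0};

/* Fault model (assumption): exactly one intermediate value read by the
 * check is corrupted. kind 0 = stuck at 0, 1 = stuck at all ones,
 * 2..33 = single bit flip of bit (kind - 2). */
#define FAULT_KINDS 34
typedef struct { int armed; int step; int target_step; int kind; } fault_t;

static uint32_t read_faulted(fault_t *f, uint32_t v) {
    f->step++;
    if (!f->armed || f->step != f->target_step) return v;
    f->armed = 0;
    if (f->kind == 0) return 0;
    if (f->kind == 1) return 0xFFFFFFFFu;
    return v ^ (1u << (f->kind - 2));
}

/* Naive check: one boolean decides, and "anything non-zero" unlocks.
 * A stuck-at-ones or any bit flip on that boolean opens the device. */
static int naive_unlock(const uint8_t *pin, fault_t *f) {
    uint32_t equal = (memcmp(pin, STORED_PIN, 4) == 0);
    equal = read_faulted(f, equal);
    return equal ? 1 : 0;
}

/* Hardened check: sentinels with large Hamming distance instead of 0/1,
 * the comparison is done twice, and any disagreement fails closed. */
#define OK_SENTINEL   0xA5C33C5Au
#define FAIL_SENTINEL 0x5A3CC3A5u

static int hardened_unlock(const uint8_t *pin, fault_t *f) {
    uint32_t r1 = (memcmp(pin, STORED_PIN, 4) == 0) ? OK_SENTINEL : FAIL_SENTINEL;
    r1 = read_faulted(f, r1);
    uint32_t r2 = (memcmp(pin, STORED_PIN, 4) == 0) ? OK_SENTINEL : FAIL_SENTINEL;
    r2 = read_faulted(f, r2);
    if (r1 != r2) return 0;                       /* inconsistent: fail closed */
    if (r1 == OK_SENTINEL && r2 == OK_SENTINEL) return 1;
    return 0;                                     /* FAIL or anything unexpected */
}

/* Inject every fault kind at every read step of `check` with the wrong PIN
 * and count how many injections unlock. */
static int count_unlocks(int (*check)(const uint8_t *, fault_t *), int steps) {
    int unlocked = 0;
    for (int s = 1; s <= steps; s++) {
        for (int k = 0; k < FAULT_KINDS; k++) {
            fault_t f = {1, 0, s, k};
            unlocked += check(WRONG_PIN, &f);
        }
    }
    return unlocked;
}

int main(void) {
    fault_t none = {0, 0, 0, 0};
    printf("no fault, correct PIN: naive=%d hardened=%d\n",
           naive_unlock(STORED_PIN, &none), hardened_unlock(STORED_PIN, &none));
    printf("single fault, wrong PIN: naive unlocks %d/%d, hardened unlocks %d/%d\n",
           count_unlocks(naive_unlock, 1), FAULT_KINDS,
           count_unlocks(hardened_unlock, 2), 2 * FAULT_KINDS);
    return 0;
}
```

Under this model the naive check is opened by 33 of the 34 injected faults (only stuck-at-zero leaves it locked), while the hardened check stays locked under all 68, because a single corruption can no longer make both copies equal the success sentinel. The caveat is that this is one idealised fault model: real glitches can skip instructions, corrupt several values at once, or hit the memcmp itself, which is why secure elements also carry voltage and clock sensors that reset the part when inputs leave spec, and why firmware-level hardening like this raises the bar rather than closing the problem.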
