And everyone keeps sourcing their SEs from a company (Microchip) which had made 3 revisions of their chip with only ROM changes and still has not fixed the root cause of flaws in the ATECC508A, 608A and 608B (used in a lot of HWWs), which is that there are no light sensors or self-terminate mechanism in the case of an attack. Their way of rating chip security is via the JIL rating system, which is a very low bar to pass and involves the vendor coming up with their own numbers on how hard it could be to attack it, which they conflate with EAL5/6 because that is a lot harder and more expensive for what is supposed to be an IoT SE.
nostr:note1upvg0s73kj57387rpq3zq55jm29fsrf838vnps79k3zzk3ypaldshhpnft
What about Tropic?
A good change. But far from ready. Security ICs take years to develop and perfect. And in the end, you still cannot verify code running on it, the only difference being NDA'd documentation and architecture, which makes little difference to the end user.
Correct. ATECCs are IoT SEs, which is a much lower risk than wallets. If you break an IoT SE you could end up controlling your neighbor's AC. If you break a wallet SE that could be $10,000 worth of currency. I wonder what sorts of SEs credit cards use.
Look at:
- ST32 from STmicro
- TEGRION series from Infineon
- SmartMX3 from NXP

The SE050 is just a configuration of the P71D321 in a chip form factor with JCOP and an applet
Thanks. Sorry, these are what credit cards use? Or recommended for wallet use? They have a better track record than ATECC? ST32 means STM32, I assume? Funny, because as opposed to dedicated secure elements these are general-purpose programmable microcontrollers with cryptography just one of the features they offer. You even have to BYO cryptographic library in the case of STM32. Intuitively, that would make them more vulnerable? Larger attack surface? SmartMX3 and Tegrion say "EMV payments" on their product page; that sounds promising. This application has had much broader and longer exposure than e.g. Yubikeys/FIDO, so if they have stood that test of time then that speaks for them. I've been looking into SE050 as ATECC replacements; might look into them further against this background. I'm still unhappy with the state of open source FIDO keys (too expensive/too complicated).
No, the ST32s are different even though similarly named: https://www.st.com/en/secure-mcus/st32-arm-core.html