Funkspiel schemes: an alternative to conventional tamper resistance

We investigate a simple method of fraud management for se-cure devices that may serve as an alternative or complement to conventional hardware-based tamper resistance. Under normal operating conditions in our scheme, a secure device includes an authentication code in its communications, e.g., in the digital signatures it issues. This code may be veried by a fraud management center under a pre-determined key . When the device detects an attempted break-in, it mod-i es . This results in a change to the authentication codes issued by the device such that the fraud management center can detect the apparent break-in. Hence, in contrast to the case with typical tamper-resistance schemes, the deployer of our proposed scheme seeks to trace break-ins, rather than prevent them. In reference to the wartime practice of physi-cally capturing and subverting underground radio transmit-ters { a practice analogous to the capture and use of secret information on secure devices { we denote this idea by the German term funkspiel, meaning \radio game." One challenge in constructing a funkspiel scheme is to ensure that an attacker privy to the authentication codes of the secure device both before and after the break-in, as well as the secrets of the device following the break-in, cannot de-tect the alteration to . Additional challenges involve min-imizing the communication and computation overhead, the requirement for use of shared secrets, and the state informa-tion associated with the authentication codes. We present several simple and practical schemes in this paper.