From: Dave Emery <die@pig.die.com>
Date: Tue, 8 Apr 1997 20:41:34 -0700 (PDT)
To: cypherpunks@toad.com
Subject: Re: Black box attacks (was Re: Crypto-Dongel)
Message-ID: <199704090341.XAA09733@pig.die.com>
MIME-Version: 1.0
Content-Type: text


Lucky Green wrote :

> It is true that methods exist to recover data from RAM even after it has
> been "erased". First and foremost, there are physical processes taking
> place in the substrate that cause permanent changes in the cells containing
> the data. In general, if there is a chip left to analyze, the data that
> used to be stored within can be obtained. [The particular opponent may of
> course choose not to spend the funds required to perform the analysis.]
> 
> The only way to reliably remove data from RAM is to destroy the substrate.
> I recently investigated various methods of doing so for a certain high
> security application. My research showed that the only portable (and truly
> reliable) solution for this task are micro explosives. Perhaps
> unsurprisingly, the US uses explosives to protect the electronics in
> nuclear weapons. The local ATF office informed me that any device using
> explosives to destroy its contents would be considered a booby trap, even
> if the explosion would be contained to the inside of device and therefore
> not pose a danger to the operator.
> 
	I have heard about thermite devices being used for this in 
the sort of applications that might warrent it.   Granted that this
is a royal fire hazard unless very carefully engineered, but at least
it is not an explosive per se....  

	One can reduce this effect somewhat by implementing software or
hardware methods that complement the key or whatever you are protecting
every few seconds.   But I can testify, as someone who has done hardware
design, that the memory effect is real and very pronounced... not a
myth.


							Dave Emery
							die@die.com