"Designing and implementing malicious hardware"
Karsten Nohl
honk98 at web.de
Sat Apr 26 02:33:11 EDT 2008
Jacob Appelbaum wrote:
> Perry E. Metzger wrote:
>> A pretty scary paper from the Usenix LEET conference:
>>
>> http://www.usenix.org/event/leet08/tech/full_papers/king/king_html/
>>
>> The paper describes how, by adding a very small number of gates to a
>> microprocessor design (small enough that it would be hard to notice
>> them), you can create a machine that is almost impossible to defend
>> against an attacker who possesses a bit of secret knowledge. I suggest
>> reading it -- I won't do it justice with a small summary.
>>
>> It is about the most frightening thing I've seen in years -- I have no
>> idea how one might defend against it.
>>
>
> "Silicon has no secrets."
>
> I spent last weekend in Seattle and Bunnie (of XBox hacking fame/Chumby)
> gave a workshop with Karsten Nohl (who recently cracked MiFare).
>
> In a matter of an hour, all of the students were able to take a
> selection of a chip (from an OK photograph) and walk through the
> transistor layout to describe the gate configuration. I was surprised
> (not being an EE person by training) at how easy it can be to understand
> production hardware. Debug pads, automated masking, etc. Karsten has
> written a set of MatLab extensions that he used to automatically
> describe the circuits of the mifare devices. Automation is key though, I
> think doing it by hand is the path of madness.
>
> If we could convince (this is the hard part) companies to publish what
> they think their chips should look like, we'd have a starting point.
>
> Perhaps,
> Jacob
Silicon has no secrets, indeed. But it's also much too complex for
exhaustive functionality tests, in particular if the tests are open-ended,
as they need to be when hunting for backdoors.
While a single chip designer will perhaps not have the authority needed
to significantly alter functionality, a small team of designers could
very well adopt "their" part of a design and introduce a backdoor.
Hardware designs currently move away from what in software would be open
source. Chip obfuscation meant to protect IP combined with the ever
increasing size of chips makes it almost impossible to reverse-engineer
an entire chip.
Bunnie pointed out that the secret debugging features of current
processors perhaps already include functionality that breaks process
separation. The fact that these features stay secret suggests that it is
in fact hard to detect any undocumented functionality.
Assuming that hardware backdoors can be built, the interesting question
becomes how to defend against them. Even after a particular triggering
string is identified, it is not clear whether software can be used to
detect malicious programs. It almost appears as if the processor would
need a hardware-based virus scanner of sorts. This scanner could be
simple, as it only has to match known signatures, but it would need to have
access to a large number of internal data structures while being
developed by a completely separate team of designers.
-Karsten
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com