[Cryptography] ORWL - The First Open Source, Physically Secure Computer
grarpamp
grarpamp at gmail.com
Fri Sep 2 18:06:07 EDT 2016
On Tue, Aug 30, 2016 at 12:49 AM, Randy Bush <randy at psg.com> wrote:
> there are a fair number of scary papers about fpga trojans. it is very
> hard to verify fabbed silicon, driving folk to desperate techniques such
> as multi-fab comparison etc.
Meaningfully / reliably / repeatably decapping small micron process,
paying for multi-fab runs, or attempting to exhaustively pattern test
billions of gates via i/o pins let alone the hidden supervisor you can't
test, seems a bit pointless.
Which is why you openfab and infuse your open audit, verification,
public access, "no secrets" policies, throughout the entire process...
design, supply, tooling, manufacture, n-man staffing, packaging, etc.
All fabs and product today are effectively secret.
That's beyond stupid. Especially for things you "rely on".
Fix that.
More information about the cryptography
mailing list