[Cryptography] God Mode backdoors
Miles Fidelman
mfidelman at meetinghouse.net
Sat Aug 18 19:08:27 EDT 2018
On 8/18/18 6:47 PM, Ron Garret wrote:
> On Aug 18, 2018, at 8:44 AM, Bill Frantz <frantz at pwpconsult.com> wrote:
>
>> If we use trusted hardware to do the encryption, or verify the encrypted data does not include backdoor information, how do we built that hardware? I can see three ways:
>>
>> (1) Build it out of small scale ICs -- hex inverters, and quad nand gates for example. It seems very hard to put a backdoor into this kind of system. I have seen a 6502 built this way. It was about a cubic foot and could run Apple ][ programs.
>>
>> (2) Build it using a FPGA. There could be backdoors in the FPGA, but going from a device programmed at the gate level to a useful backdoor at the CPU level seems like it might be hard.
>>
>> (3) Run your own fab. Old fab equipment is available at prices that are affordable by individuals. I read about one guy who has his own fab in QST. I know another fab owner personally. She says her yield is currently limited by not having a good clean room, but she is getting some functioning chips in her garage.
> 4. Use hardware targeted specifically at non-consumer markets where security actually matters. This is no guarantee, of course, but it’s much less likely that a company would tolerate a back door in such a device because, were it to be discovered, it would probably bankrupt the company.
>
> One of the reasons I chose the STM32F405 for the SC4-HSM is that it specifically offers secure delivery of embedded code as a documented feature. Medical device companies rely on this to secure extremely valuable trade secrets. A back door would be grounds for a very costly class action lawsuit.
>
>
Well, easier said then done when trying to protect yourself about
national scale entities. There's a pretty nice list of hardware level
exploits, with references, at
https://en.wikipedia.org/wiki/Hardware_backdoor
If - say the NSA, or the Chinese Government, wants to - they
demonstrably have the ability to insert things at manufacturing time, or
replace chips during shipment.
Now, if by "non-consumer markets where security actually matters,"
you're talking military - and that's where the entire system is
typically specified by the government (can you say "clipper chip?").
Whether there are back doors in the hardware, or the algorithm, has been
long subject to debate - facts are a little harder to come by, since
this stuff is all classified TS/SCI.
Miles Fidelman
--
In theory, there is no difference between theory and practice.
In practice, there is. .... Yogi Berra
More information about the cryptography
mailing list