more on malicious hardware
Scott Guthery
sbg at acw.com
Sun Apr 27 21:13:30 EDT 2008
>>Adding a backdoor to chips is a different story, though, since that would
require cutting a second set of masks.
>>I am assuming that there must be no backdoor in the legitimately produced
chips since the client would detect
>>it as a slight violation of some of their timing simulations. The client
also often inspects the masks before
>>the chips are produced and basically reverse-engineers the whole chip on
that level.
A backdoor -- hardware or software -- in a smart card or TPM would be
difficult to detect by either of these means. In the case that nation A is
buying these from nation F, don't you think that nation F would be motivated
to slip in a couple extra lines of code or a couple extra 100 gates just in
case? If A got into a tangle with C, F would in a very strong position.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list