more on malicious hardware

Scott Guthery sbg at
Sun Apr 27 21:13:30 EDT 2008

>>Adding a backdoor to chips is a different story, though, since that would
require cutting a second set of masks. 
>>I am assuming that there must be no backdoor in the legitimately produced
chips since the client would detect 
>>it as a slight violation of some of their timing simulations. The client
also often inspects the masks before 
>>the chips are produced and basically reverse-engineers the whole chip on
that level.

A backdoor -- hardware or software -- in a smart card or TPM would be
difficult to detect by either of these means.  In the case that nation A is
buying these from nation F, don't you think that nation F would be motivated
to slip in a couple extra lines of code or a couple extra 100 gates just in
case?  If A got into a tangle with C, F would in a very strong position.  

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list