[Cryptography] Fwd: [IP] 'We cannot trust' Intel and Via's chip-based crypto, FreeBSD developers say

Jonathan Thornburg jthorn at astro.indiana.edu
Tue Dec 17 13:23:09 EST 2013 

On Tue, 17 Dec 2013, ianG wrote:
> Intel is not audited or otherwise publically verifiable as being clean, and
> has a very strong, long standing relationship with the NSA.

This (and everything else ianG wrote EXCEPT for the sentence I'm about
to quote) is [IMHO] certainly true.


IanG went on to write
> As a matter of
> historical fact, they added a population count opcode (others will know more).

I don't think that fact argues anything one way or the other on the
trustworthyness of Intel CPUs.  I think straightforward above-board
marketing logic can equally well explain popcount:

Suppose you're an Intel manager.
A customer (who has bought lots of Intel chips in the past
            and who we know has a huge budget and plans to buy
            either Intel chips stuff or someone else's in the future)
comes to Intel and says
  "if you add popcount, we will be more likely to buy Intel chips".

Or even
  Intel manager knows that the NSA loves popcount instructions.
  (E.g., s/he knows about history of CDC Cyber Series & Cray back
  in the 1960s/70s/80s.)  S/he puts 2 and 2 together and decides
  to have a chat with Intel's government-sales people to see if
  popcount might boost sales.  They say "oh yea, the NSA people are
  always going on about how great popcount is".  Manager #1 asks
  architecture manager how much it would cost to implement popcount.
  Architecture manager checks with the tech folks and replies "it
  would be pretty cheap".  Information percolates back up the
  corporate food chain until somebody says "Make it so".


It's perhaps also pointing out that some of Intel's competitors also
have popcount instructions, e.g. Sparc v9 and Alpha (r.i.p.).

-- 
-- "Jonathan Thornburg [remove -animal to reply]" <jthorn at astro.indiana-zebra.edu>
   Dept of Astronomy & IUCSS, Indiana University, Bloomington, Indiana, USA
   "There was of course no way of knowing whether you were being watched
    at any given moment.  How often, or on what system, the Thought Police
    plugged in on any individual wire was guesswork.  It was even conceivable
    that they watched everybody all the time."  -- George Orwell, "1984"

More information about the cryptography mailing list