[Cryptography] Fwd: [IP] 'We cannot trust' Intel and Via's chip-based crypto, FreeBSD developers say

Phillip Hallam-Baker hallam at gmail.com
Thu Dec 19 17:39:31 EST 2013


On Wed, Dec 18, 2013 at 2:46 AM, ianG <iang at iang.org> wrote:

>
> Yep.  I think mine was grad level but I did it as undergrad.  And, yes, we
> built a computer, and wrote a microcoded instruction set.  A lot of fun.
>  I'll admit my knowledge is way out of date tho, this was back in '83, the
> sophistication of what is now done in microcode has way eclipsed my
> understanding.


Some chips have microcode on microcode. The DEC Alpha even let the
operating system write instructions into the microcode (this allowed the
chip to emulate the VAX four ring security system).

It would be difficult to smuggle code to bork the RNG into the microcode.
But getting a backdoor in there that could allow the O/S to do the borking
might be rather easier. In fact that is the only way that a mass
manufactured chip could credibly bork an RNG whose design might be changed
after the chip went to fab.

It is a long time since I read an instruction set for a CPU and I suspect I
am not alone in that. Auditing a system down to the bare metal would be a
big challenge.




> As to whether the secret can be held, consider the story of DUAL_EC. That
> was a secret that Snowden knew, a contractor.


Do we know this?

I thought that the evidence we had was an elliptic comment in a PowerPoint
slide that we have interpreted as being a smoking gun for the already
suspect DUAL_EC_NRRNG (Not Really Random Number Generator).



> I draw from that, that a lot of people knew about the project.  I also
> think that a certain amount of hubris affected the secrets sharing of the
> NSA over the last decade, they have done things that they promised would
> never come to light, and have been found out.  E.g., somewhere it was
> reported that they got authorisation from Obama for Stuxnet on the promise
> that the secret would never come out.
>

The code word is NOBUS 'Nobody But US'.

But I have it on authority that Snowden has changed the calculation. The
insider risk means that the risk of disclosure is now very high, possibly
as high as 1.0. That means far fewer NOBUS plans can be approved.


> Consider also Olympic Games.  That secret must have been shared by many
> hundreds, perhaps thousands, across multiple agencies & countries.  Yet,
> the only way we found out was when the darn furriners found the samples and
> decided to ask around what they were.


And might not have found out at all if the Israelis had not relaunched
STUXNET with their own payload, or at least that is one story that NSA
sources have tried to push.

Talking of which, one of the more surprising disclosures is that the NSA
handed raw intercept traffic to Israel. So does this mean that US political
organizations that are opposed to the Likud party policies have been spied
on by their own government and the intelligence passed to their political
enemies?

It certainly seems that the NSA didn't consider that possibility when they
handed over the data.

It seems very likely to me that the NSA has been effectively intervening in
domestic US politics and sabotaging the efforts of the Boycott, Sanctions
and Disinvestment movement.

What other political causes are they using their powers to tip the scales?
Mexico is pretty unhappy with the lack of US gun control laws, is the NSA
sharing raw intelligence with Mexico to help fight the war on drugs? Which
other countries are in the 'swapsies' club?


During the Reagan administration the CIA handed Saddam Hussein a list of
the major opposition leaders who were promptly murdered. Handing over raw
intelligence seems to me to be a way to achieve the same effect with more
plausible deniability.



-- 
Website: http://hallambaker.com/