[Cryptography] [IP] 'We cannot trust' Intel and Via's chip-based crypto, FreeBSD developers say

Jerry Leichter leichter at lrw.com
Sun Dec 22 10:57:13 EST 2013 

On Dec 22, 2013, at 1:36 AM, ianG <iang at iang.org> wrote:
> Using RISC chips would be a substantial defence against the attack that has been outlined (leaving aside the obviously contentious debate as to whether the risk is serious).
The most widely published example of an attack against hardware was against the open-source SPARC chip design.  No microcode, very simple layout - and a it only took a few extra gates to suborn it completely.  The attack is somewhat different, and not have *field modifiable* microcode means the attack needs to be implanted early, but as far as vulnerability to hardware attacks in general, there's not much of a difference.

> What RISC CPUs are there these days in widespread deployment in off-the-shelf general purpose computers?
MIPS is still out there, though mainly in embedded systems.  For that matter, even SPARC still sees some use.  And as far as I know ARM implementations don't use microcode, but I could be wrong.  And PowerPC, while not a traditional RISC, is also designed to be directly implementable in hardware.

In fact, other the x86 and the old IBM 360-descendent mainframes, all the surviving architectures seem to be fairly RISC-like.

>> OS's didn't, as far as I know, load PALcode.  Rather, the PALcode needed to support a particular OS was loaded before the OS was loaded....
> If there was a way to reveal a signature of the PALcode, then it could be checked against known good sigs.  Just musing...
Yes, the design of the Alpha would have made a "trusted boot" option easy to fit  in.  But then it hasn't been all *that* hard to fit into other environments either.

The Alpha died before interest in a trusted boot environment really developed.  Sad - it was a nice design.
                                                        -- Jerry

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4813 bytes
Desc: not available
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20131222/71ef3e7c/attachment.bin>

More information about the cryptography mailing list