[Cryptography] GHCQ Penetration of Belgacom

Henry Baker hbaker1 at pipeline.com
Tue Dec 23 12:40:38 EST 2014 

At 06:54 AM 12/22/2014, ianG wrote:
>On 21/12/2014 19:22 pm, Jerry Leichter wrote:
>>On Dec 21, 2014, at 11:34 AM, ianG <iang at iang.org> wrote:
>>>>Nevertheless, to reword in the interest of clarity, hiding something in
>>>>hardware is, AND ALWAYS WILL BE, impossible to detect or disprove.
>>>How about dual-sourcing through mutual enemies?  E.g., use a China fab and a fab run by the dalai lama.  Or a Russian one and a Chechen one.
>>>
>>>Then, sample the chips, open them up, and test whether the tracks / layout are the same as each other?
>>>
>>>(I have no idea if such a technique for reading the chip like that exists...)
>>The pattern up to now has been for that attackers to move to lower and lower levels of abstraction.  Hack user code; hack OS code; hack boot-time code; hack firmware; hack the logic-level description of the hardware; hack the individual transistors (changing dopant levels so that the circuitry doesn't do *quite* what the logic assumes).  Every step down this hierarchy is harder for the attackers, but *much* harder for the defenders - and also much harder for the subset of defenders who analyze the details of attacks.  The lower you go, the fewer access points there are for analysis and the more delicate and hard to detect are the modifications.
>
>Hmmm... you make it sound as though this stuff is going on all the time all around us.
>
>Open question.  To what extent should we treat this as a realistic threat?  How prevalent is this?  Is there any way we can draw boundaries around this?

"People" have been adding extra little "antennas" on circuit boards (as part of their "fabrication") for decades.  These little antennas don't affect normal operation, but make surveilling a device much, much easier.  Have fun finding these little buggers!

A friend of mine went to a trade show in a foreign country and his demo devices were "delayed".  When he examined the devices carefully, he discovered that all of the screws had been not so carefully unscrewed & screwed back in.

So, yes, "this stuff is going on all the time all around us".

More information about the cryptography mailing list