[Cryptography] trojans in the firmware

Tue Feb 24 20:53:21 EST 2015

On Feb 24, 2015, at 2:24 AM, Ryan Carboni <ryacko at gmail.com> wrote:
> Fighting against a nation state using equipment you cannot design yourself or anyone you know could design... don't.
But in fact you can't design or manufacture *everything*.  Do you need control of your chips all the way back to mining the sand?

I'm pushing this beyond the logical limits, but there is a deep, underlying question:  Just what *do* you have to control?  Is there a theory we can apply here?  There seem to be some "obvious" lines.  If I build a computer out of (logical) MSI-level chips - simple logic gates JK-flipflops - it seems that even someone who could arbitrarily modify their behavior would have a tough time breaking my security.  Disk drives today, with tons of microcode embedded in the on-board controller, are clearly vulnerable.  How about a 1970's era drive, which left the CPU to handle all the complicated stuff?

But ... is that even true?  The attacker is not constrained to operate at the same level of abstraction as I am.  What I think is a JK-flipflop might be transmitting every set/reset to an attacker.  Can he do something with that?

Somehow, we're looking for something analogous to the theory of oblivious computation.  That's usually set up in a fairly high-powered framework - you assume a CPU similar to what we are used to today - say, an AWS instance - then require that the CPU instructions executed are not dependent on the secret data.  Is that enough?  Is there a meaningful way for memory to be oblivious?  There's a sense in which the answer is easy:  Storage of encrypted data, without the key.  But is that enough, as a component, to build a useful system?

The original problem in practical computing was how to build a *reliable* system out of *unreliable* components.  The modern, emerging problem is:  Can we build a secure system out of actively insecure components?