[Cryptography] open hardware as a defence against state-level attacks

Bill Frantz frantz at pwpconsult.com
Mon Jan 12 12:22:09 EST 2015

On 1/11/15 at 8:49 PM, grarpamp at gmail.com (grarpamp) wrote:

>Sorry, but unless your own trusted third party observers are following your
>"open" hardware at every step from design to microcode to lithography
>fab through to binary exhaustive test vectors... you are subject to potential
>compromise at any step along the way. Please stop claiming otherwise.

It seems to me that using FPGAs offers a good route to secure hardware.

When we worked on KeyKOS, we were concerned about a Ken Thompson 
like attack on the assembler we were using. We decided that such 
an attack was a minor concern, since the assembler we were using 
was written before KeyKOS was designed, and it seemed quite hard 
to insert a Trojan in a system you had no knowledge of.

One advantage of FPGAs, is the large semantic difference between 
the programming level of the FPGA and the target architecture of 
the CPU. I think that large difference makes Trojans harder. As 
has been suggested by others, randomizing the location of 
various functions on the FPGA may be worthwhile.

The disadvantage of a FPGA CPU is performance. It almost 
certainly won't be as fast as Intel etc.'s latest.

In a very real sense, programming your own FPGA is a way to 
follow much of the production in your own lab, following 
grarpamp's advice.

Cheers - Bill

Bill Frantz        |"Web security is like medicine - trying to 
do good for
408-356-8506       |an evolved body of kludges" - Mark Miller
www.pwpconsult.com |

More information about the cryptography mailing list