[Cryptography] open hardware as a defence against state-level attacks
iang at iang.org
Mon Jan 12 05:46:15 EST 2015
On 12/01/2015 05:49 am, grarpamp wrote:
> On Wed, Jan 7, 2015 at 3:06 AM, ianG <iang at iang.org> wrote:
>> As much discussed here, it may be that open designs to defend against state
>> level attacks are moving down the deployment stack into the hardware level:
>> RT: The NSA has been trying to go after Tor users for a while now, but
>> seemingly with little success. Do you think enough has been done to ensure
> Tor only protects against some rather narrow cases. Passive (and active)
> adversaries are quite capable attackers if given the opportunity.
> I would think you could defeat some passive attacks by filling all the
> links with data/chaff full time, but no one seems to be developing that
> theory in practice.
>> mathematics. We’ve also built an open-source processor with security
>> features designed to protect both the Tor relay and slow market
>> applications. This is achieved by separating those processes from the host
>> operating system with hardware-anchored cryptographic isolation. The system
>> on chip is based on an OpenSPARC T1 by Sun Microsystems with substantial
>> enhancements to the hypervisor and two cryptographic co-processors. That
>> will be released in about a month and the designs for the development board
>> and the logic of the system on chip will be of course open source.
> Sorry, but unless your own trusted third party observers are following your
> "open" hardware at every step from design to microcode to lithography
> fab through to binary exhaustive test vectors... you are subject to potential
> compromise at any step along the way. Please stop claiming otherwise.
Seems like you are letting the perfect be the enemy of the good.
Defence in depth. Defence against fierce & persistent attacks is not
about defeating the enemy totally & utterly but about raising the cost
of the easy attacks to just above the cost of the next easy attack.
Rinse & repeat.
ps; old story about 2 guys running away from a tiger. The one who stops
to put on running shoes was the one who told the tale.