[Cryptography] open hardware as a defence against state-level attacks

ianG iang at iang.org
Mon Jan 12 05:46:15 EST 2015

On 12/01/2015 05:49 am, grarpamp wrote:
> On Wed, Jan 7, 2015 at 3:06 AM, ianG <iang at iang.org> wrote:
>> As much discussed here, it may be that open designs to defend against state
>> level attacks are moving down the deployment stack into the hardware level:
>> http://rt.com/news/220279-slur-market-leak-security/
>>   RT: The NSA has been trying to go after Tor users for a while now, but
>> seemingly with little success. Do you think enough has been done to ensure
> Tor only protects against some rather narrow cases. Passive (and active)
> adversaries are quite capable attackers if given the oppurtunity.
> I would think you could defeat some passive attacks by filling all the
> links with
> data/chaff fulltime, but no one seems to be developing that theory in practice.
>> mathematics. We’ve also built an open-source processor with security
>> features designed to protect both the Tor relay and slow market
>> applications. This is achieved by separating those processes from the host
>> operating system with hardware-anchored cryptographic isolation. The system
>> on chip is based on an OpenSPARC T1 by Sun Microsystems with substantial
>> enhancements to the hypervisor and two cryptographic co-processors. That
>> will be released in about a month and the designs for the development board
>> and the logic of the system on chip will be of course open source.
> Sorry, but unless your own trusted third party observers are following your
> "open" hardware at every step from design to microcode to lithography
> fab through to binary exhaustive test vectors... you are subject to potential
> compromise at any step along the way. Please stop claiming otherwise.

Seems like you are letting the perfect be the enemy of the good. 
Defence in depth.  Defence against fierce & persistent attacks is not 
about defeating the enemy totally & utterly but about raising the cost 
of the easy attacks to just above the cost of the next easy attack. 
Rinse & repeat.


ps; old story about 2 guys running away from a tiger.  The one who stops 
to put on running shoes was the one who told the tale.

More information about the cryptography mailing list