[Cryptography] USB 3.0 authentication
dj at deadhat.com
dj at deadhat.com
Fri Apr 29 22:19:45 EDT 2016
>> This spec is the first part. It's addressing the authenticity of PD
>> (power
>> delivery) devices by checking that they have been provisioned with certs
>> under a root controlled by the certification body. These devices may not
>> have USB data capability....
> How do you protect the embedded cert against physical attacks? These are
> pretty low-end devices - I don't see it being possible to have really
> high-grade protection. And the guys who want to build fake devices will
> have access to chip-level debugging stuff.
>
> It only takes one weak implementation to expose a certificate and the
> whole system collapses. I'm guessing the fallback is legal protection.
> But if you really think that's a useable fallback, you can just use the
> law from the get-go: Valid devices deliver some particular piece of
> copyrightable text, along with a trademarked image just for good measure.
>
It seems that many of the silicon vendors who supply USB interface chips
are also in the business of smart card, identity card and payment card
businesses. So it's possible that they are competent at hiding secrets in
a chip.
I think the major defense is having the cost of the attack be more
expensive than buying the authentic goods. The PD authentication protocol
is aimed at cheap devices, so that may be the case.
There is also the possibility of revoking intermediate certs, also I'm a
big sceptic on cert revocation.
More information about the cryptography
mailing list