[Cryptography] USB 3.0 authentication: market power and DRM?

David Johnston dj at deadhat.com
Sun May 1 13:56:47 EDT 2016



On 5/1/16 8:41 AM, Kevin W. Wall wrote:
> Is perhaps the (alleged) reason for the authentication to prevent
> altered chargers from delivering malware, as was described at
> Blackhat USA 2013? E.g.,
> see <https://media.blackhat.com/us-13/US-13-Lau-Mactans-Injecting-Malware-into-iOS-Devices-via-Malicious-Chargers-WP.pdf>.
>
> Just a thought. If nothing else, this might be the pretense of requiring
> authentication even though it indeed might not be the true motives.
>
> -kevin

The basic mechanisms are already deployed in proprietary ways. The USB 
PD authentication spec is just a standardization of existing practice - 
which I'm told works just fine at limiting counterfeit chargers.

The spec is not a copy and paste of any existing protocol though. It's a 
clean sheet design by members of the USB-IF.

The PD auth spec is not fit for purpose for preventing the delivery of 
malware, except in specific cases that an enterprising malware 
distributor would just work around by using the USB data wires instead 
of the PD wires.

The malware threat is principally on the USB data wires, both by 
exploiting vulnerabilities in known drivers ("Hi I'm an xyz-corp mouse, 
load my Swiss cheese driver") and exploiting overly trusting operating 
systems. That is for the other, as yet unwritten, spec which would do 
the auth before a driver is loaded and would enable different 
certification models (think corporate CA provisioning devices received 
through a secure supply chain).

There are plenty of motives for a USB security spec without inventing 
hypothetical ones. Car park flash attacks, BadUSB, MITM loggers and 
other USB vectors all provide the motivation for a security spec on the 
data wires, but that simply isn't done yet.

On PD it is entirely possible to make a device that lies and causes more 
volts or amps to be presented or pulled respectively than is compatible 
with the continued functioning of the device. This happens today with 
resistors on Type-C connectors, but with the PD protocol that 
negotiation is done with a protocol.

The other thing the PD auth spec does is provide a means to see that 
specific electrical certifications (UL, EC etc) have been attested to 
and who is doing the attesting. Also to see that specific USB 
certifications have been granted.

So the 'hidden' motive you suggest is not a motive for this spec, but it 
is a motive for the second part. As with any standards development, this 
can change until the final draft is approved.




