[Cryptography] God Mode backdoors

Miles Fidelman mfidelman at meetinghouse.net
Sat Aug 18 19:08:27 EDT 2018 

On 8/18/18 6:47 PM, Ron Garret wrote:

> On Aug 18, 2018, at 8:44 AM, Bill Frantz <frantz at pwpconsult.com> wrote:
>
>> If we use trusted hardware to do the encryption, or verify the encrypted data does not include backdoor information, how do we built that hardware? I can see three ways:
>>
>>   (1) Build it out of small scale ICs -- hex inverters, and quad nand gates for example. It seems very hard to put a backdoor into this kind of system. I have seen a 6502 built this way. It was about a cubic foot and could run Apple ][ programs.
>>
>>   (2) Build it using a FPGA. There could be backdoors in the FPGA, but going from a device programmed at the gate level to a useful backdoor at the CPU level seems like it might be hard.
>>
>>   (3) Run your own fab. Old fab equipment is available at prices that are affordable by individuals. I read about one guy who has his own fab in QST. I know another fab owner personally. She says her yield is currently limited by not having a good clean room, but she is getting some functioning chips in her garage.
> 4.  Use hardware targeted specifically at non-consumer markets where security actually matters.  This is no guarantee, of course, but it’s much less likely that a company would tolerate a back door in such a device because, were it to be discovered, it would probably bankrupt the company.
>
> One of the reasons I chose the STM32F405 for the SC4-HSM is that it specifically offers secure delivery of embedded code as a documented feature.  Medical device companies rely on this to secure extremely valuable trade secrets.  A back door would be grounds for a very costly class action lawsuit.
>
>
Well, easier said then done when trying to protect yourself about 
national scale entities.  There's a pretty nice list of hardware level 
exploits, with references, at 
https://en.wikipedia.org/wiki/Hardware_backdoor

If - say the NSA, or the Chinese Government, wants to - they 
demonstrably have the ability to insert things at manufacturing time, or 
replace chips during shipment.

Now, if by "non-consumer markets where security actually matters," 
you're talking military - and that's where the entire system is 
typically specified by the government (can you say "clipper chip?").  
Whether there are back doors in the hardware, or the algorithm, has been 
long subject to debate - facts are a little harder to come by, since 
this stuff is all classified TS/SCI.

Miles Fidelman



-- 
In theory, there is no difference between theory and practice.
In practice, there is.  .... Yogi Berra

More information about the cryptography mailing list