[Cryptography] TRNGs as open source design semiconductors

Arnold Reinhold agr at me.com
Wed Sep 18 16:34:04 EDT 2019


On Thu, 12 Sep 2019 10:35:27
Jerry Leichter <leichter at lrw.com> wrote:

> ...But consider:  If I can slip a change into the hardware, why attack the RNG?  I can attack anything at all!  In fact, there are already published examples - among many - of attacks on Ethernet interfaces such that simply seeing a particular series of bits in the input causes it to do arbitrary nasty things - like sending the contents of selected memory locations to an attacker. ...

An attack that weakens the RNG has unique advantages to the attacker. Once in place it is almost impossible to detect. It requires no back channel to reveal sensitive information. It is immune to software updates, as long as they do not change the source of random numbers. It’s a very economical attack. It potentially opens all of the victim's encryption to the attacker. A gift that keeps on giving.

> ... In fact, we currently don't *have* any techniques for defending against such attackers, beyond the physical-world techniques of maintaining visibility into all of the supply chain.  That was, at one point, something available to, say, the US military.  Today, it's unlikely even the US military can afford it - a major concern, given how much the US military relies on computers.  Perhaps the NSA can, for relatively limited numbers of chips that it can build in its own "black" fabs. ....

Here is a link that discusses current US DoD efforts to address the supply chain problem:

https://www.acq.osd.mil/se/initiatives/init_micro.html


Arnold Reinhold 