[Cryptography] Data remanence on solid state storage

Richard T. Carback III rick at carback.us
Wed Aug 21 11:16:06 EDT 2024 

On Mon, Aug 19, 2024 at 12:28 PM, Kent Borg <kentborg at borg.org> wrote:  
              On 8/18/24 12:06, Ron Garret wrote:

              Worse news: hard (actually impossible) to know for sure what is going on inside *any* modern electronic device.
        Effectively, supply chain attacks.

        Very true.
    That's why long ago and far away, so to speak, when I once worked
      for a fab-less semiconductor company doing SoCs for laser printers
      (that dates it pretty well), I asked my boss a question that
      puzzled him. The question was roughly: How easily could the fab
      change our design to add a backdoor? He understood the question.
      What was puzzling was my asking it. I don't think anyone else in
      the company was considering such things, and this certainly wasn't
      my job. But I'm weird, that's why I'm on this list.     (Shortish answer, mixing in what I know now: Doable, but
      involved, and even if this were something they were doing to every
      chip, not cheap. We did the design, from IP we bought and our own
      circuitry, *and* we did the layout. I'm pretty sure we only sent
      the layout to the fab, for we wouldn't have had the rights to send
      higher level "sources" and I don't think we were paying them for
      layout services. So making a change would require reverse
      engineering from our layout, changing the circuit, and redoing the
      layout. Analogous to patching a binary, but harder. …In the late 2000s to early 2010s there was a Dr. Tehranipoor who had some work along these lines doing power analysis which started as side channel defense work (e.g. https://ieeexplore.ieee.org/abstract/document/4358706 ). I saw some tools in their lab that could put a tolerance on power usage characteristics measured in a grid across the layout using only the VLSI under different inputs, which would significantly restrict an unknown backdoor.
Yes, your point holds, but one can still know a lot about ones
      gear. Magical supply chain criminals aren't going to, say, squeeze
      undocumented TBs of storage or high bandwidth digital transceivers
      into something that doesn't take up enough space, cost enough
      money, get hot enough, draw enough power, nor have the bandwidth
      to get a hold of ones data, etc. Also, at least for users of
      things like Linux, one can know a lot about and influence what
      data the OS is hurling where. And, in the case of SSDs, one can do
      very powerful things such as never storing anything on the SSD
      that the SSD could differentiate from gibberish. I.E., only store
      encrypted data. (Those links John Gilmore posted did not mention
      using encrypted file systems, alas. Though they were MS
      Windows-centric and I suppose such things are harder over there.)
Great points - compared to alternatives SSDs are also easier to destroy, which should be the norm as the practice largely eliminates this concern from the threat model. For organizations larger than a couple people it’s not feasible to be sure that disks are wiped consistently.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.metzdowd.com/pipermail/cryptography/attachments/20240821/15db22e6/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: publicKey - rick at carback.us - 0x0185CAD7.asc
Type: application/pgp-keys
Size: 3147 bytes
Desc: not available
URL: <https://www.metzdowd.com/pipermail/cryptography/attachments/20240821/15db22e6/attachment.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 855 bytes
Desc: OpenPGP digital signature
URL: <https://www.metzdowd.com/pipermail/cryptography/attachments/20240821/15db22e6/attachment.sig>

More information about the cryptography mailing list