[121849] in cryptography@c2.net mail archive
RE: more on malicious hardware
daemon@ATHENA.MIT.EDU (Scott Guthery)
Mon Apr 28 13:27:52 2008
From: "Scott Guthery" <sbg@acw.com>
To: <cryptography@metzdowd.com>
Date: Sun, 27 Apr 2008 21:13:30 -0400
In-Reply-To: <48139420.5000000@web.de>
>>Adding a backdoor to chips is a different story, though, since that would
require cutting a second set of masks.
>>I am assuming that there must be no backdoor in the legitimately produced
chips since the client would detect
>>it as a slight violation of some of their timing simulations. The client
also often inspects the masks before
>>the chips are produced and basically reverse-engineers the whole chip on
that level.
A backdoor -- hardware or software -- in a smart card or TPM would be
difficult to detect by either of these means. In the case that nation A is
buying these from nation F, don't you think that nation F would be motivated
to slip in a couple extra lines of code or a couple extra 100 gates just in
case? If A got into a tangle with C, F would in a very strong position.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
