[117921] in Cypherpunks
RE: [crisp@netcom.com: Re: chips, trust, waldoes, ultranoia etc.]
daemon@ATHENA.MIT.EDU (Fisher Mark)
Wed Sep 15 14:34:53 1999
Message-ID: <B9B6874277EED211B1890008C707AF53010C30BA@indyexch3.indy.tce.com>
From: Fisher Mark <fisherm@tce.com>
To: "'cypherpunks'" <cypherpunks@cyberpass.net>
Date: Wed, 15 Sep 1999 13:04:47 -0500
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Reply-To: Fisher Mark <fisherm@tce.com>
> That is a crock of shit. No engineer that makes his chips work doesn't
> check the work of the mask designer. But with modern connectivity
> verification tools and with behavioural simulation of layout extracted
> schematics versus the design schematic, the back doors have to be
> designed in. With formalized verification that is now use on complex
> digital chips, that would be difficult to get away with as well.
> Basically the chip logic design engineers and the
> verification engineers
> would have to be in cahoots to make something like that fly
> with modern
> design methodology.
As more and more software is used in the design process, eventually the
point will be reached where a "Thompson attack" is feasible -- i.e. Trojan
the software tools used by the designers, testers, verifiers, etc. so that
they both insert a Trojan horse onto the chip, but refuse to acknowledge its
existence when asked. If no one actually checks the physical CAD layout,
the Trojan horse remains safe. Think about it...
==========================================================
Mark Leighton Fisher Thomson Consumer Electronics
fisherm@indy.tce.com Indianapolis, IN
"Their walls are built of cannon balls, their motto is
'Don't Tread on Me'"
