On Thu, Jun 13, 2013 at 06:10:39PM +0200, Randy Bush wrote:
> we really should not be putting huawei kit into the backbone, there
> might be backdoors where they can spy on our traffic
This paper may be relevant to the topic at hand (h/t to Rob Slade):
http://www.scribd.com/doc/95282643/Backdoors-Embedded-in-DoD-Microchips-From-China
Abstract:
This paper is a short summary of the first real world detection
of a backdoor in a military grade FPGA. Using an innovative
patented technique we were able to detect and analyse in the
first documented case of its kind, a backdoor inserted into the
Actel/Microsemi ProASIC3 chips. The backdoor was found to exist
on the silicon itself, it was not present in any firmware loaded
onto the chip. Using Pipeline Emission Analysis (PEA), a
technique pioneered by our sponsor, we were able to extract
the secret key to activate the backdoor. This way an attacker
can disable all the security on the chip, reprogram crypto and
access keys, modify low-level silicon features, access unencrypted
configuration bitstream or permanently damage the device. Clearly
this means the device is wide open to intellectual property theft,
fraud, re-programming as well as reverse engineering of the design
which allows the introduction of a new backdoor or Trojan. Most
concerning, it is not possible to patch the backdoor in chips
already deployed, meaning those using this family of chips have
to accept the fact it can be easily compromised or it will have
to be physically replaced after a redesign of the silicon itself.
Unfortunately, it doesn't appear possible to download this paper without
signing up for scribd. Perhaps it's available elsewhere without such
onerous requirements.
---rsk
