[Cryptech Tech] nasty attack vector to consider: Stealthy Dopant Level Hardware Trojans

Warren Kumari warren at kumari.net
Thu Jan 16 17:19:24 UTC 2014


Yup.

I *think* that concerns like that are part of the reason for using an
FPGA for stuff like this -- the theory being that the device is
generic enough, and it is (hopefully) not feasible for an attacker /
the manufacturer to predict which block will be used for what, and so
difficult to know what is interesting and so worth leaking through
side channels.

I think that the plan is to view the components as untrustworthy as
much as possible, and design with that in mind. But, if you want to
take that to extremes things get, um, odd quickly. Let's say there is
tamper-protection around the envelope, and you use a thermistor to
detect the "dunk it in liquid nitrogen" attack and zeroise keys -- if
you want to view all components as malicious, how do you know that the
thermistor itself isn't more intelligent than expected, and if it sees
a set sequence of temperature changes it disables itself?.... :-P

W


On Thu, Jan 16, 2014 at 9:58 AM, =JeffH <Jeff.Hodges at kingsmountain.com> wrote:
> Stealthy Dopant-Level Hardware Trojans
> http://slashdot.org/palm/21/13/09/13/1228216_1.shtml
>
> paper:
> http://people.umass.edu/gbecker/BeckerChes13.pdf
>
>
>
> =JeffH
> _______________________________________________
> Tech mailing list
> Tech at cryptech.is
> https://cryptech.is/mailman/listinfo/tech



More information about the Tech mailing list