[Cryptech Tech] nasty attack vector to consider: Stealthy Dopant Level Hardware Trojans

Leif Johansson leifj at sunet.se
Thu Jan 16 21:18:15 UTC 2014


On 2014-01-16 18:19, Warren Kumari wrote:
> Yup.
>
> I *think* that concerns like that are part of the reason for using an
> FPGA for stuff like this -- the theory being that the device is
> generic enough, and it is (hopefully) not feasible for an attacker /
> the manufacturer to predict which block will be used for what, and so
> difficult to know what is interesting and so worth leaking through
> side channels.
The stokastic nature of the layout/optimization process working for us
at last. Yay.

It would be nice to figure out a way to validate the output ... *Leif*
gets hit on the head by Turings ghost.
> I think that the plan is to view the components as untrustworthy as
> much as possible, and design with that in mind. But, if you want to
> take that to extremes things get, um, odd quickly. Let's say there is
> tamper-protection around the envelope, and you use a thermistor to
> detect the "dunk it in liquid nitrogen" attack and zeroise keys -- if
> you want to view all components as malicious, how do you know that the
> thermistor itself isn't more intelligent than expected, and if it sees
> a set sequence of temperature changes it disables itself?.... :-P
>
> W
>
>
> On Thu, Jan 16, 2014 at 9:58 AM, =JeffH <Jeff.Hodges at kingsmountain.com> wrote:
>> Stealthy Dopant-Level Hardware Trojans
>> http://slashdot.org/palm/21/13/09/13/1228216_1.shtml
>>
>> paper:
>> http://people.umass.edu/gbecker/BeckerChes13.pdf
>>
>>
>>
>> =JeffH
>> _______________________________________________
>> Tech mailing list
>> Tech at cryptech.is
>> https://cryptech.is/mailman/listinfo/tech
> _______________________________________________
> Tech mailing list
> Tech at cryptech.is
> https://cryptech.is/mailman/listinfo/tech





More information about the Tech mailing list