On Tue, 29 May 2012 13:24:09 -0400, Dieter BSD wrote:
So I'm skimming through
http://it.slashdot.org/story/12/05/28/1454222/backdoor-found-in-china-made-us-military-chip
and find:
"These secure FPGAs contain a heavily obfuscated hardware
crypto-engine,
with lots of techniques to obstruct DPA (deliberately unstable
clocks,"
This "news item" is full of misreprentations, feramongering and factual
errors.
the facts :
* The claims are about the Actel/Microsemi A3P family of FPGA,
that I use since 2009 at least. So I know a bit about them.
Sue me if I'm a long time Actel fanboy, you'll however find
fanboys for every manufacturer, particularly when they invest
thousands in their HW and SW.
* the security researcher found ways to extract locking keys.
In one of his attempts in 2009, he "de-capped" the chip and sent laser
pulses to given regions to force localised errors.
Actel did not foresee this fault injection technique, that's sure.
And since then, he enhanced his technique. Fair. That's his job.
* Actel also messed with its security infrastructure and ships factory
keys
hidden in JTAG files. Or something like that. That's a failure.
* So yes, security of the A3P devices is not as high as they wish.
No system is perfect, plus, given the price, it's still a fair
achievement. Add a few digits if you want chips made for/by the NSA.
What is wrong :
* my Actel chips are made in Taiwan and Korea. They are consumer and
industrial
grade. The space and military grades are quite different.
* The fab could not "swap" the masks. They cost millions to create and
create right.
Don't attribute to malice what can be explained by incompetence.
* The "backdoor" was known and even if badly documented, it is a system
of double keys that I have found by analysing documentation and asking
on comp.arch.fpga.
Hint : it's not a backdoor. It's a 2-level security system. However
where
Actel failed is that they have the same key for all devices.
So it's not a backdoor. It's a security failure, but some people prefer
to spin this to benefit their agenda.
* The story is more complex than that BUT the headlines completely mess
with what is actually at stake. And not stuxnet for FPGA is
realistic...
* Seriously, the author seeks renewal of his job's grants.
All he has to do is wave vague claims and link them to the fears of the
day...
Chinese malice ? check. Dangerous application that are at "risk" ?
check.
Fear attracts more money than company failures to get a security model
right.
* Slashdot is publishing more and more fallacies and sensationaling
news
these last weeks, they make me sick.
I'm so upset by all this brouhaha that I consider writing an article
for
a local security magazine to sort the facts and the bad "journalism".
Reliance on claims on slashdot or in PR pieces has always been
dangerous.
However, don't get me wrong : being able to "crack" the A3P is also a
good thing.
Consider all those aftermarket chips sold on eBay at a buck for a pound
because
they were "locked" in factory. Crack them, and use them for something
better
than gathering dust.
I've always been mad at Actel because once a chip is locked, it's
bricked
unless you know the unlocking code. Other CPUs (Microchip) don't allow
to readback
but if you brick it with the lock on, you can still flush it and
conserve money.
Actel's chips are much more expensive though so any chance of "brick"
is
a monetary danger.
Ok, i calm down now.
_______________________________________________
Open-graphics mailing list
[email protected]
http://lists.duskglow.com/mailman/listinfo/open-graphics
List service provided by Duskglow Consulting, LLC (www.duskglow.com)
