[cryptography] Which encryption chips are compromised?

Andy Isaacson adi at hexapodia.org
Wed Dec 11 21:15:38 PST 2013 

On Wed, Dec 11, 2013 at 06:28:31PM -0800, Steve Weis wrote:
> On Wed, Dec 11, 2013 at 6:00 PM, coderman <coderman at gmail.com> wrote:
> > unredacted:
> >  https://peertech.org/dist/nsa-cpp-goals-FY2013-unredact.png
> >
> > "Intel Ivy Bridge"
> 
> Is this a guess because "Intel Ivy Bridge" fits into the redacted space or
> is there some other evidence?

I believe it's just a guess based on fit.

> Ivy Bridge processors are general purpose x86 CPUs. It doesn't make sense
> to me to refer to it as an "encryption chip" for "web encryption devices".
> Do you know of products using IVB processors for SSL offloading or in VPN
> appliances?

Suppose I'm the manager writing this document, reporting the expected
accomplishments of my group.  We do cryptanalysis.

If we're projecting success against FooBarCo chips' encryption sub-core,
and everybody knows FooBarCo chips are used in both encryption and
non-encryption products, it makes sense to cite the specific
applications where FooBarCo chips are used.  So "for FooBarCo chips used
in VPN and SSL" makes sense, even if FooBarCo chips are not *solely* VPN
and SSL.

However, in "for FooBarCo encryption chips used in VPN", the
"encryption" seems to me to denote a special purpose chip, rather than a
general purpose chip with an encryption sub-core.  I've seen worse
manglings of language in similar documents, though, so I would not put
it past said middle manager to write "for Intel Ivy Bridge encryption
chips used in VPN and SSL", even though that's a bit of word salad to
anyone who knows the technology.

> To me, the redacted document sounds like it's referring to a security
> processor used for SSL offloading. For example, something like a Cavium
> Nitrox (which I'm not implying is the subject of the document).

"Cavium Networks" or "Cavium Nitrox" are approximately the right length
to fit.  Other vendors that might be interesting include F5, Barracuda,
Riverbed, Cisco SCA 11000, Radware (an Israeli/American company), and
everybody listed on http://en.wikipedia.org/wiki/SSL_Acceleration

The document looks like Word and appears to be fully justified; anyone
with that software want to match the fonts and try out various
substitutions to see what fits best?

Note that
http://s3.documentcloud.org/documents/784159/sigintenabling-clean-1.pdf
seems to have been digitally processed and redacted; the font baselines
are perfectly aligned, to the sub-pixel antialiasing limit; while
http://s3.documentcloud.org/documents/784280/sigint-enabling-project.pdf
appears to have gone out to paper and then been scanned in on a
non-flatbed scanner; there is significant vertical slew across the line
of text in question.  Since the source document appears to be the same
for both, an enterprising DTP jockey could use -clean-1.pdf to tune the
document settings precisely, and then use -project.pdf to search for
better unredaction matches.

-andy

More information about the cypherpunks mailing list