[Cryptography] Sabotaged hardware (was Re: Opening Discussion: Speculation on "BULLRUN")

Eugen Leitl eugen at leitl.org
Fri Sep 6 07:26:43 PDT 2013


----- Forwarded message from "Perry E. Metzger" <perry at piermont.com> -----

Date: Fri, 6 Sep 2013 10:25:17 -0400
From: "Perry E. Metzger" <perry at piermont.com>
To: Jerry Leichter <leichter at lrw.com>
Cc: cryptography at metzdowd.com
Subject: [Cryptography] Sabotaged hardware (was Re: Opening Discussion: Speculation on "BULLRUN")
X-Mailer: Claws Mail 3.9.0 (GTK+ 2.24.20; x86_64-apple-darwin12.4.0)

On Thu, 5 Sep 2013 22:31:50 -0400 Jerry Leichter <leichter at lrw.com>
wrote:
> For example, at
> http://www.nytimes.com/interactive/2013/09/05/us/documents-reveal-nsa-campaign-against-encryption.html?ref=us&pagewanted=all,
> the following goal appears for FY 2013 appears:  "Complete enabling
> for [redacted] encryption chips used in Virtual Public Network and
> Web encryption devices".  The Times adds the following note:
> "Large Internet companies use dedicated hardware to scramble
> traffic before it is sent. In 2013, the agency planned to be able
> to decode traffic that was encoded by one of these two encryption
> chips, either by working with the manufacturers of the chips to
> insert back doors or by exploiting a security flaw in the chips'
> design."

This is troubling. It implies that there are widely used crypto
accelerators in use at large organizations that intentionally harm
the security of users. Random number generator flaws would seem like
an obvious possibility here.

This is especially disturbing because other actors can now start
doing teardowns on a wide variety of such devices looking to find the
flaws so they can themselves attack the traffic in question.

Perry
-- 
Perry E. Metzger		perry at piermont.com
_______________________________________________
The cryptography mailing list
cryptography at metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography

----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B  47EE F46E 3489 AC89 4EC5



More information about the cypherpunks mailing list