India recently forbade some Chinese companies from bidding on some cell phone infrastructure projects, citing national security concerns:
http://www.chinatechnews.com/2010/05/25/12102-indias-bsnl-excludes-chinas-huawei-zte-from-gsm-bidding Of course, the Chinese gov't and companies are by no means the only ones one might worry about. AT&T and other US telcos have given customer data to the NSA. What about fear of NSA trickery in Lucent products? Or French intelligence in Alcatel? Or Israeli or Taiwan or whoever? In all cases, you can argue about how plausible such threats are, but it seems clear they are not utterly implausible. Nor are the companies the only threat. Cisco and many other firms have factories in China; if you are worried about Huawei colluding with government here to spy on or sabotage other nations, then you likely have to worry about that government slipping a team into Cisco staff to subvert those products. I don't think this threat is realistic, but I could be wrong. The main devices to worry about are big infrastructure pieces -- telephone switches, big routers and the like. However, those are by no means the only potential targets. Small home routers and various embedded systems are others. So, if one is building some sort of hardware that people may be reluctant to buy because of security concerns, what does it take to reassure them? Obviously, this is going to vary with both the application and the people involved, but can we say anything useful in general? Standard components help. If you use IPsec, or AES, or a commodity processor, I can have some confidence in those parts, though I'll still worry about other things. Use your own protocol or crypto algorithm and I definitely won't trust it without publication and a lot of analysis. Put big lumps of your own VLSI on the board and I'll worry about what might be hidden in them. Openness helps. Put an open source OS on the thing and give me the application code in source for auditing. If you must use some VLSI or FPGA parts, publish source for those. Auditing helps. Intel got outsiders to audit their random number generator. This is probably needed for some critical components, but which? All of those help, but are they enough? If not, what else is needed? Or is this an impossible task? --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com