http://arstechnica.com/security/2013/09/researchers-can-slip-an-undetectable-trojan-into-intels-ivy-bridge-cpus/
By Dan Goodin
Ars Technica
Sept 18 2013
Scientists have developed a technique to sabotage the cryptographic
capabilities included in Intel's Ivy Bridge line of microprocessors. The
technique works without being detected by built-in tests or physical
inspection of the chip.
The proof of concept comes eight years after the US Department of Defense
voiced concern that integrated circuits used in crucial military systems
might be altered in ways that covertly undermined their security or
reliability. The report was the starting point for research into
techniques for detecting so-called hardware trojans. But until now, there
has been little study into just how feasible it would be to alter the
design or manufacturing process of widely used chips to equip them with
secret backdoors.
In a recently published research paper, scientists devised two such
backdoors they said adversaries could feasibly build into processors to
surreptitiously bypass cryptographic protections provided by the computer
running the chips. The paper is attracting interest following recent
revelations the National Security Agency is exploiting weaknesses
deliberately built-in to widely used cryptographic technologies so
analysts can decode vast swaths of Internet traffic that otherwise would
be unreadable.
The attack against the Ivy Bridge processors sabotages random number
generator (RNG) instructions Intel engineers added to the processor. The
exploit works by severely reducing the amount of entropy the RNG normally
uses, from 128 bits to 32 bits. The hack is similar to stacking a deck of
cards during a game of Bridge. Keys generated with an altered chip would
be so predictable an adversary could guess them with little time or effort
required. The severely weakened RNG isn't detected by any of the "Built-In
Self-Tests" required for the P800-90 and FIPS 140-2 compliance
certifications mandated by the National Institute of Standards and
Technology.
[...]
--
Find the best InfoSec talent without breaking your
recruiting budget! Post a Job, $99 for 31 days.
Hot InfoSec Jobs - http://www.hotinfosecjobs.com/
