Re: Is there a chance smartcards have a backdoor? (was Re: Any future for the Crypto Stick?)
Peter Lebbing pe...@digitalbrains.com wrote: On 05/12/13 13:20, Paul R. Ramer wrote: On that note, why assume that the manufacturer would not do the opposite: feign helping the spy agency by giving them a compromised ROM and then substituting a secure one on the real product. In either case, we are assuming the company would try to supply different bodies with different ROMs. We're debating the risk that a card is backdoored. If there is such a risk, that risk still exists if we allow for the possibility that manufacturers try to do what you say. They're not mutually exclusive; how come you infer that I assume that the manufacturer would not do the opposite? It was not my intent to make it seem that I had made any insinuations on your part. It was more that I wanted to express an alternate possibility rather than the nefarious one that was being discussed. It seemed that the only scenario involving pressure or coercion on the part of the U.S. being discussed was one of compliance by the company rather than a range of possibilities. Events in life do not always happen neatly and predictably. If we are going to discuss outcomes, we need to talk about more than one. Cheers, --Paul -- PGP: 3DB6D884 ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Is there a chance smartcards have a backdoor? (was Re: Any future for the Crypto Stick?)
Il 08/12/2013 14:15, Mark Schneider ha scritto: A little security is not real security. There always can be backdoors in the firmware (BIOS, closed source drivers etc). Why is everyone thinking 'BIOS' as backdoorable piece of sw? Why not the hard disk? http://spritesmods.com/?art=hddhack Just another piece to think of when building a secure system... BYtE, Diego. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Is there a chance smartcards have a backdoor? (was Re: Any future for the Crypto Stick?)
Am 08.12.2013 19:13, schrieb NdK: Why is everyone thinking 'BIOS' as backdoorable piece of sw? Why not the hard disk? http://spritesmods.com/?art=hddhack Just another piece to think of when building a secure system... Excellent article! Thank you. Writing firmware I meant every piece of code for / inside all involved hardware components and in particular with their own controllers (eg. keyboard, USB ...) and not only the BIOS of the motherboard. Some backdoors can be hardcoded in the hardware of controller chips (eg. network controller etc). Sending a special sequence of data to them can turn them in the debug or whatever mode. Hacking smartcards is more complicated but possible. BTW: there is no video at: http://achtbaan.nikhef.nl/events/OHM/video/d2-t1-13-20130801-2300-hard_disks_more_than_just_block_devices-sprite_tm.m4v Kind regards, Mark -- m...@it-infrastrukturen.org http://rsync.it-infrastrukturen.org ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Is there a chance smartcards have a backdoor? (was Re: Any future for the Crypto Stick?)
On 08/12/13 21:13, Mark Schneider wrote: BTW: there is no video at: http://achtbaan.nikhef.nl/events/OHM/video/d2-t1-13-20130801-2300-hard_disks_more_than_just_block_devices-sprite_tm.m4v You can find it at: http://bofh.nikhef.nl/events/OHM/video/d2-t1-13-20130801-2300-hard_disks_more_than_just_block_devices-sprite_tm.m4v And I've just told Sprite the link is dead :). I was just telling him he was just featured on this mailing list :). HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at http://digitalbrains.com/2012/openpgp-key-peter ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Is there a chance smartcards have a backdoor? (was Re: Any future for the Crypto Stick?)
On 05/12/13 13:20, Paul R. Ramer wrote: On that note, why assume that the manufacturer would not do the opposite: feign helping the spy agency by giving them a compromised ROM and then substituting a secure one on the real product. In either case, we are assuming the company would try to supply different bodies with different ROMs. We're debating the risk that a card is backdoored. If there is such a risk, that risk still exists if we allow for the possibility that manufacturers try to do what you say. They're not mutually exclusive; how come you infer that I assume that the manufacturer would not do the opposite? But anyway: So the NSA simply buys a card from a shop, and notices that it doesn't respond to the backdoor command. Or they want to use the backdoor to get a suspect's private key, and again, the card does not respond. How is the manufacturer going to talk its way out of that? However, if you're up against specific investigation by the NSA (not the dragnet method), I think pretty much anybody will lose, backdoor or not. If they can't extract your private key, they'll simply hack your computer and batch up decryption requests to be bundled with your own next access of the card, or something similar, or something really smart I didn't think of. So it's really a question if it matters whether the NSA has a backdoor or not :). Peter. PS: the new subject line is very verbose because I wanted to avoid the risk that people interpret Chance smartcard backdoored as a statement rather than a question. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at http://digitalbrains.com/2012/openpgp-key-peter ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Is there a chance smartcards have a backdoor? (was Re: Any future for the Crypto Stick?)
On 05/12/13 13:20, Paul R. Ramer wrote: On that note, why assume that the manufacturer would not do the opposite: feign helping the spy agency By the way, there's a big difference. In the scenario that they install a backdoor but don't show it to the certification entities and such, they do that because they're forced to do so by the NSA (the NSA wouldn't want their backdoor certified :). If they feign helping the NSA, they aren't forced to do that, it would be their choice. In either case, we are assuming the company would try to supply different bodies with different ROMs. But they are completely different circumstances: force versus own choice. Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at http://digitalbrains.com/2012/openpgp-key-peter ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Is there a chance smartcards have a backdoor? (was Re: Any future for the Crypto Stick?)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 12/05/2013 08:08 PM, Peter Lebbing wrote: On 05/12/13 13:20, Paul R. Ramer wrote: On that note, why assume that the manufacturer would not do the opposite: feign helping the spy agency by giving them a compromised ROM and then substituting a secure one on the real product. In either case, we are assuming the company would try to supply different bodies with different ROMs. We're debating the risk that a card is backdoored. If there is such a risk, that risk still exists if we allow for the possibility that manufacturers try to do what you say. They're not mutually exclusive; how come you infer that I assume that the manufacturer would not do the opposite? The smartcard having a bad RNG as seen in [0] springs to mind. References: [0] http://sites.miis.edu/cysec/2013/10/10/taiwans-citizen-smart-card-plan-compromised-by-bad-rngs/ - -- - Kristian Fiskerstrand Blog: http://blog.sumptuouscapital.com Twitter: @krifisk - Public PGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 - Great things are not accomplished by those who yield to trends and fads and popular opinion. (Jack Kerouac) -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJSoNKKAAoJEAt/i2Dj7frjgacQAKftpqC3shsP1p4oF1Ksdd25 bjS1lX/SsGUKe5ynKr6elY7NxAea6L7QH5yP9uinBYDGpZnUV9JcNAyYtwUwYlDS MwPoYXcOdoYVe/cSIJflARDBzDDdaLw/51O/4ZReeYUjOQlz5Lr+JqO0O/02FcwJ E3jKHkQo44CbpYEqF3LAIl7qua2eMwNV99hxvuUQxrj3k3FJAZaPrAP9duJkA9BA Ssvq4iBWVgikPw8jrefBrzhIpSTjSYSslXEJzgBnYsQ6zbPtWnX/15cVz8n4GWiI o06A7Obx1siIzOL/S+nJK1jv8as3JU/Q5Xh5OfvmiXhjljhjQr0lKo4DMEaQ4z6B IPJODsL8Pe6u44kC+qyZ0JABFxUlDPh4RD8xpFeJBizZPajoYfJWBEyNuW0swB5J L2WZqRITYiz/epQROp6SLPY06O2ym78twwjM/ldtH1dgVqygze15aNB0onHeSZd7 8LDvm4Dnn4F259nuPyJ0ejjtvupOu/DkHE8UShynEELuFIrxenEEULplISRJ8To9 d+bwEaX0nfPMSbj6j8cBsMa1YyxI2NHqmgPweqc9UB+FUi6Mc6/W9HfRH5XgAW+J sSZDWJvOBLWMAf6qOnCIK6WmhhlPY0YYiFQByiBF3idmVIj4iAokbr7kHvPepIMj 6tzH0YpBaNF9wSLh7tMh =fTni -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users