Sunday, December 29, 2013


This story in Spiegel Online about the NSA intercepting laptops in order to put spyware on them made me recall this older story:
Researchers can slip an undetectable trojan into Intel’s Ivy Bridge CPUs
New technique bakes super stealthy hardware trojans into chip silicon.

by Dan Goodin - Sept 18 2013, 7:57am USMST
ars technica

Scientists have developed a technique to sabotage the cryptographic capabilities included in Intel's Ivy Bridge line of microprocessors. The technique works without being detected by built-in tests or physical inspection of the chip.

The attack against the Ivy Bridge processors sabotages random number generator (RNG) instructions Intel engineers added to the processor. The exploit works by severely reducing the amount of entropy the RNG normally uses, from 128 bits to 32 bits. The hack is similar to stacking a deck of cards during a game of Bridge. Keys generated with an altered chip would be so predictable an adversary could guess them with little time or effort required. The severely weakened RNG isn't detected by any of the "Built-In Self-Tests" required for the P800-90 and FIPS 140-2 compliance certifications mandated by the National Institute of Standards and Technology.

No comments: