Hacker News new | ask | show | jobs
by baybal2 1775 days ago
> It is an interesting attack but is the above goal ever achievable? To protect against adversaries from the inside.

No, safe execution of untrusted code is impossible by the very definition, not without undoing 40 years of IC design practices.

It's an almost physical limitation which makes it very hard to compute something without some electromagnetic leakage from/to the die.

Take a look on secure CPUs for credit cards. They have layer, upon layers of anti-tampering, anti-extraction measures, and yet TEM shops in China do firmware/secret extraction from them for $10k-$20k
3 comments
formerly_proven 1775 days ago
It is very hard to perform a physical process while making it impossible to observe it. Similarly it is very difficult to have some object with permanent physical properties that you (the chip) can measure yourself, but no one else can, like a cloud of electrons trapped on an island, or a metal connection between two places.
link
MayeulC 1775 days ago
>> It is an interesting attack but is the above goal ever achievable? To protect against adversaries from the inside.

> No, safe execution of untrusted code is impossible by the very definition

I think this is more about data processing while hiding the data from whoever operates the hardware. Homomorphic encryption could be a partial answer to that.

link
baybal2 1774 days ago
> Homomorphic encryption

Explain please to me how homomorphic encryption will protect someone from basic laws of physics.

link
MayeulC 1767 days ago
I hate your condescending tone, especially since you are clueless about that and don't seem to be able to perform a simple search

https://en.wikipedia.org/wiki/Homomorphic_encryption

The idea is to use a special encryption scheme (and associated operations). If I take 50 numbers and multiply them by two before asking you to add them, I'll just have to divide the result by two to get the correct answer, and you won't see the data nor the result. Of course, actual schemes are more complex than that.

https://arstechnica.com/gadgets/2020/07/ibm-completes-succes...

link
evancox100 1775 days ago
What is a TEM shop? Curious about this topic, the threat model for some chips in the secure payments space assumes a secret value much higher than $10k for something like a root encryption key that blows open the payment processing security of multiple cards.

Also, just because something is physically possible, doesn't mean that the barriers to doing so are irrelevant. If it costs you $10k to unbrick a locked & stolen iPhone, then those countermeasures have likely succeeded at their intended purpose. This is why threat models try to quantify the time and/or monetary value of what they're protecting.

link
baybal2 1774 days ago
Tunneling electron microscope

A single facility for TEM comes with $10,00,000+ pricetag, and usually they amount to few dozens per a developed country, in use in places like universities, and research institutes.

China has probably more of them than the rest of the world combined.

link