|
|
|
|
|
|
by mindslight
4973 days ago
|
|
|
I hadn't considered the added power draw due to the likely complexity involved in making a good backdoored hex inverter, good point there. It seems like there's a natural contour such that as the individual component gets smaller and less complex, the amount of circuitry required for a backdoor increases. Software certainly is easier to backdoor, but hardware is much more insidious. At this point I'd be surprised if there weren't backdoors in the widely used processors for at least the NSA. (Remember that innocent time when the question whether the 'net was tapped and recorded was up for discussion? :P) So I guess I view both of my aforementioned properties as mandatory due to the use case for my analysis (trustable function execution), while the OP was really just talking about the first one. I'd originally considered this question in the context of cryptographic key generation and management, where the second property is of utmost importance to be confident that there aren't low level backdoors giving bias to your crypto keys and nonces. Plus if you're spending the time to bootstrap trustable computation up from a hand-built circuit, you might as well go all the way instead of trusting something like an MCU. |
|
|
If there are backdoors in modern processors, it is likely located in the on-chip firmware for the boot sequence and/or in the secure key store. Those are the two main areas I'd worry about, and I'd also keep a close eye on any binary blobs needed for the secondary processors cores on a modern SoC. And also the firmware for the WLAN chip.