[cryptography] Is it possible to protect against malicious hw accelerators?

lodewijk andré de la porte lodewijkadlp at gmail.com
Fri Jul 8 06:23:45 EDT 2011


-You could perform a (very simple) software hash or something of the kind to
make the data sent to the HW accelerated thingy (performing difficult
operations) useless, that's less effective but it should work. Note that
this is in fact a new protocol and the applications are different.

-A better thing to do would be to build your own! After building a proper
open source community it'd be possible.

-Or use an FPGA to do the operations! It might give comparable performance
and you reflash your own "firmware" everytime you start it. It's general
purpose so it's unlikely to contain specific hacks.

Stay paranoid,
Lewis

2011/6/20 Jonathan Thornburg <jthorn at astro.indiana.edu>

> I wrote
> > 2. If you don't trust the hardware, then you shouldn't use it.  Ever.
> >
> > It's really that simple: there's simply no way for software to be
> > safe in the presence of malicious hardware. :(
> >
> > Indeed, there's no way for software to *detect* malicious hardware. :(
> >
> > See, for example, the classic paper
> >   @inproceedings{1996-1849,
> >     title={The Dark Side of "Black-Box" Cryptography, or: Should We Trust
> Capstone?},
> >     booktitle={CRYPTO},
> >     pages={89-103},
> >     authors={Adam Young and Moti Yung},
> >     year=1996
> >     url = "
> http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.54.616&rank=1"
> >   }
>
> Sorry, that reference was a /dev/brain parity error on my part --
> while an interesting paper, it discusses something a bit different.
>
>
> > or the following brilliant rant by Henry Spencer from way back in the
> > 20th century:
> [[...]]
>
> This is the "right" reference, which I think nicely addresses the OP's
> question.
>
> Sorry for the mixup,
>
> --
> -- "Jonathan Thornburg [remove -animal to reply]" <
> jthorn at astro.indiana-zebra.edu>
>   Dept of Astronomy & IUCSS, Indiana University, Bloomington, Indiana, USA
>   "Washing one's hands of the conflict between the powerful and the
>    powerless means to side with the powerful, not to be neutral."
>                                      -- quote by Freire / poster by Oxfam
> _______________________________________________
> cryptography mailing list
> cryptography at randombit.net
> http://lists.randombit.net/mailman/listinfo/cryptography
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20110708/818ecf6f/attachment.html>


More information about the cryptography mailing list