[cryptography] Is it possible to protect against malicious hw accelerators?

coderman coderman at gmail.com
Sat Jun 18 18:18:01 EDT 2011


On Sat, Jun 18, 2011 at 1:08 PM, slinky <slinky at iki.fi> wrote:
> ...
>  1. How can one ensure this blackbox device really isn't a Mallory?

completely reverse the software(firmware) and hardware.
  c.f. http://www.flylogic.net/blog/

there are convincing arguments even this is insufficient. :/


>  2. Are there techniques... to
>  reduce the impact of untrusted hardware, while still being able to
>  use the hw-accelerated capabilities?

if you knew exactly how the backdoor was implemented (such as software
only defect) you may have an avenue around it.

leaky hardware is leaky hardware, however.


> And if you know of any good papers around this subject,

look for entropy reduction in hw random sources and side channels in
implementation.

cryptographic quality hardware random sources are too long a tangent
for this reply. :)

good coverage of hardware side channels in cryptographic engineering
(ISBN 978-0-387-71816-3 / 978-1-4419-4417-7)

 "... Basics of Side-Channel Analysis.- Improved Techniques for
Side-Channel Analysis.- Electromagnetic Attacks and Countermeasures.-
Leakage from Montgomery Multiplication.- Randomized Exponentiation
Algorithms.- Microarchitectural Attacks and Countermeasures."

maybe someone on list has a relevant arXiv selection,...



More information about the cryptography mailing list