[liberationtech] How to defend against attacks on chips?
Eugen Leitl
eugen at leitl.org
Mon Jun 17 08:38:30 PDT 2013
On Mon, Jun 17, 2013 at 08:16:54AM -0700, Andy Isaacson wrote:
> It's true that in the limit, we can never be sure that a given piece of
> hardware contains no trojans. However, there are many ways that a
> trojan could be implemented which could be found with available
> techniques. It would be extremely enlightening to find one such and
> publicize it.
The next-best thing next to true open hardware with fully
verified toolchain is http://en.wikipedia.org/wiki/Lemote
which rms happens to use, or used to use.
"Netbook computers[edit]
Yeeloong
The Yeeloong netbook computer is intended to be built on free software
from the BIOS upwards, and for this reason is used and recommended by
Richard Stallman as of January 23, 2010[4] and September 2008.[5]"
For lower values of professional paranoia (and easier availability)
you could probably pick a http://www.coreboot.org/Welcome_to_coreboot supported
VIA board with a VIA C7 (with a hardware RNG that is a lot more
trustable than Intel's, and also some crypto primitives support)
and put FreeBSD or OpenBSD on it. Extra paranoid would keep
secrets in an USB dongle (e.g. one from
http://shop.kernelconcepts.de/index.php?cPath=1_26 )
Sun released OpenSPARC as source, but unfortunately "forgot" the
crypto primitives.
There are some options on http://opencores.org/projects
which could eventually result into something deliverable
to your FPGA core.
> So while I agree with your statement that we can never be completely
> sure, nevertheless building tools and trying them out is a valuable
> field of study.
More information about the liberationtech
mailing list