huawei

Thu Jun 13 22:30:41 UTC 2013

On Thu, Jun 13, 2013 at 06:10:39PM +0200, Randy Bush wrote:
> we really should not be putting huawei kit into the backbone, there
> might be backdoors where they can spy on our traffic

This paper may be relevant to the topic at hand (h/t to Rob Slade):

	http://www.scribd.com/doc/95282643/Backdoors-Embedded-in-DoD-Microchips-From-China

Abstract:

	This paper is a short summary of the first real world detection
	of a backdoor in a military grade FPGA.  Using an innovative
	patented technique we were able to detect and analyse in the
	first documented case of its kind, a backdoor inserted into the
	Actel/Microsemi ProASIC3 chips. The backdoor was found to exist
	on the silicon itself, it was not present in any firmware loaded
	onto the chip. Using Pipeline Emission Analysis (PEA), a
	technique pioneered by our sponsor, we were able to extract
	the secret key to activate the backdoor. This way an attacker
	can disable all the security on the chip, reprogram crypto and
	access keys, modify low-level silicon features, access unencrypted
	configuration bitstream or permanently damage the device. Clearly
	this means the device is wide open to intellectual property theft,
	fraud, re-programming as well as reverse engineering of the design
	which allows the introduction of a new backdoor or Trojan. Most
	concerning, it is not possible to patch the backdoor in chips
	already deployed, meaning those using this family of chips have
	to accept the fact it can be easily compromised or it will have
	to be physically replaced after a redesign of the silicon itself.

Unfortunately, it doesn't appear possible to download this paper without
signing up for scribd.  Perhaps it's available elsewhere without such
onerous requirements.

---rsk