Open source is not a cure-all

[harlan4096]

A Chaos Communication Congress speaker reflects on whether using open-source hardware can solve trust problems in hardware.

With many believing open-source software is more secure than proprietary software, we are now also seeing attempts to apply a similar theory to hardware development. At the 36th Chaos Communication Congress (36C3) hackers’ conference last month, however, experts Andrew “bunnie” Huang, Sean “xobs” Cross, and Tom Marble raised doubts about whether employing open-source development is enough to solve trust problems in hardware. Huang spoke at length on the topic.

Differences between hardware and software in terms of trust

Open-source software’s safety lies not only in its openness, but also in widely used tools that help ensure the program you run at the endpoint is true to the published source code. Programmers sign their software with a digital certificate, for example, and the system checks the certificate before running the software on a user’s computer.

With hardware, it’s a different story. With no hardware analogs for hashing or digital signatures, users have no tools to check hardware’s authenticity against published information about it. The last time a device or chip is actually checked is at the factory. And the longer the gap between factory check and device use, the greater the chance of a successful MITM attack.

What can go wrong?

Generally speaking, anything at all can happen to chips or entire devices between leaving the factory and being used for the first time. To begin with, firmware can be replaced. (Sure, firmware is actually a software problem, so it can be verified, but you still have to rely on hardware during verification.) That’s why Huang focused on problems — component replacements, modifications, and implants — having to do strictly with hardware.

Adding components

These days, a totally unauthorized module can fit into a charging cable’s USB connector. Naturally, it’s even easier to tamper with more sophisticated multicomponent equipment that provides much more room for implants. The only good news here is that it’s relatively easy to detect added chip.

Substituting components

The simplest substitution trick is to tamper with marking. One real-life example: A misbehaving microcontroller showed, on visual check, to have the right mark (from STMicroelectronics) on an altogether different chip. That time, the cheat was an expensive component replaced with a cheap one, but the replacement could have contained anything at all.

Chip modification

People tend to think that chips cannot be modified once out of the factory, but that is not so. In many cases what we see as a single chip is actually several separate microcircuits in one package. An experienced adversary can use the same technology to put one more tiny piece of silicon into the very same package and connect this implant to existing contacts.

In fact, equipment to do just that is relatively inexpensive and readily available (according to the speaker, a used wirebonding machine from China costs about $7,000), although the falsified results will be detectible in X-rays.

Wafer-level chip-scale packages (WL-CSP) are much costlier to modify, but X-rays won’t reveal the deception.

Integrated circuit (IC) modification

Typically, companies design chips for their field-specific tasks but outsource them for production; only large market players can afford to produce their own chips. In this kind of arrangement, there is more than one way to modify the end product such that it still complies with the terms of reference. Moreover, after a chip or device is out of the designers’ hands, it’s rare anyone bothers to cross-check the resulting product against the original specifications.
...

Continue Reading