06-21-2006, 07:08 PM
Austin Lesea
Re: Locks for the peasants :-) Let them eat cake! Off with their heads!

Further,

At least no one will tell us they broke into the chip.

It could be that when the students worked at it for a while, they
realized that since they couldn't break it, there would be no degree, so
they moved on to something easier to break into. I am sure that certain
non-existent agencies spent more time hacking at it. But since they
never tell anyone anything, I am just guessing.

Obviously with enough money and enough time ... there is no 'perfect' lock.

But we are in full compliance with FIPS 140-2. And we also have AES256
which is considered acceptable for the most secure crypto boxes. AES128
is not considered 'secure' enough. Don't ask me why, as the details are
secret, and I am not cleared. I just hear and obey.

I am sure that if AES128 had battery backed key storage, it would be
perfectly good for any commercial crypto application. After all, today
we use 3DES which is only 2E112 hard, and that is now considered within
the reach of a mid-level attack. 2E128 provides only (only?) a 16 fold
improvement over 2E112....

Austin

Austin Lesea wrote:
> backhus,
>
> That is something that we thought about. But, really what we are talking
> about is providing access to the crypto-engine through the general
> interconnect, and control of that engine.
>
> It was considered that anything we do in this regard would have to be
> completely and thoroughly tested so as not to be a back door, and
> compromise security.
>
> It wasn't worth the work to have to prove we did not break something.
>
> Even the JTAG is considered a real threat to security, so we have a
> method of disabling it once you have been configured with your encrypted
> bitstream (in V4 and V5).
>
> Kevin of FPGA Journal is looking for student interns for some security
> fun (in FPGAs). If anyone is interested, email me directly.
>
> We submitted our V2 Pro to 9 schools and universities (and some
> non-existent agencies) three years ago, and no one has broken the
> security, or even compromised it. That is what our security is about:
> we gave the students the complete schematics of the PCB, provided series
> access for PDA attacks, etc. All we asked was: tell us the key, or
> make the TRNG deliver non-random numbers (affect operation). We want to
> know every weakness so we can fix it in the next version (and hopefully
> not break anything).
>
> Austin
>
> backhus wrote:
>> Hi Austin,
>> besides everything concerning the security gain of an encrypted
>> bitstream I have a different question.
>>
>> Xilinx offers a similar feature too in its Virtex4 (and 5?) FPGAs.
>> Now, that some silicon already is used up by the AES algorithm, wouldn't
>> it be nice to make it accessible to the customer? Just the Keyscheduler
>> and the round function, not the key memory.
>>
>> Would be a nice feature for some customers, but (nearly) no drawback for
>> all others.
>>
>> Best regards
>> Eilert
