“We cannot trust” Intel and Via’s chip-based crypto, FreeBSD developers say

Discussion in 'other security issues & news' started by TheWindBringeth, Dec 10, 2013.

Thread Status:
Not open for further replies.
  1. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,084
    http://arstechnica.com/security/201...ias-chip-based-crypto-freebsd-developers-say/

    http://www.theregister.co.uk/2013/12/09/freebsd_abandoning_hardware_randomness/
    https://wiki.freebsd.org/201309DevSummit/Security
    http://www.freebsd.org/news/status/report-2013-09-devsummit.html#Security
     
  2. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    "We trust cmp but we don't trust RDRAND" - idiots.
     
  3. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,084
    Would it make sense to ignore the possibility that the RDRAND instruction and random number generator are rigged, using "but other instructions/circuitry... MOV and CMP... could be rigged too!" as justification? I don't think so.
     
  4. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    If you think intel is backdooring their system you don't just blacklist a single instruction. If your hardware is backdoored on that level you have way bigger problems - this is no solution at all but to stop trusting it entirely.
     
  5. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,084
    An all or nothing mentality like that sounds reasonable and arguably would be *if* we knew that the chips in question *are* rigged. Unfortunately, we don't know whether they are or are not, and we may never know. That "you have way bigger problems" is actually a jump/assumption. One of the "yes, they are rigged" possibilities that we can't throw out the window is that it is just RDRAND that is rigged. Another possibility would be that there is other/additional rigging but addressing RDRAND still provides some protection in at least some scenarios. IOW, addressing the RDRAND threat scenario may in fact be of benefit!

    I think this is a "we've identified a specific thing of obvious, logical concern... there are relatively easy ways to address it... addressing it would be of benefit if certain scenarios are true... wouldn't solve all possible problem scenarios though" type situation. A "do we take a practical, conservative step to protect ourselves against a possibility even though it may not actually occur or be the only possibility that bites us" question. A rather common question in engineering I would say, and certainly one that comes up in privacy/security contexts all the time. In general, and in this context, I would ask: Is there a better argument against such a step than "it won't protect against all possible threat scenarios"?
     
  6. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    RDRAND is considered insecure for no other reason than a lack of trust in intel. Intel is the threat vector, not RDRAND, by their own decree. Therefor their response is nonsense.
     
Loading...
Thread Status:
Not open for further replies.