Re: huawei

[Rich Kulawiec <rsk () gsp org>]

On Thu, Jun 13, 2013 at 06:10:39PM +0200, Randy Bush wrote:
> we really should not be putting huawei kit into the backbone, there
> might be backdoors where they can spy on our traffic

This paper may be relevant to the topic at hand (h/t to Rob Slade):

        http://www.scribd.com/doc/95282643/Backdoors-Embedded-in-DoD-Microchips-From-China

Abstract:

        This paper is a short summary of the first real world detection
        of a backdoor in a military grade FPGA.  Using an innovative
        patented technique we were able to detect and analyse in the
        first documented case of its kind, a backdoor inserted into the
        Actel/Microsemi ProASIC3 chips. The backdoor was found to exist
        on the silicon itself, it was not present in any firmware loaded
        onto the chip. Using Pipeline Emission Analysis (PEA), a
        technique pioneered by our sponsor, we were able to extract
        the secret key to activate the backdoor. This way an attacker
        can disable all the security on the chip, reprogram crypto and
        access keys, modify low-level silicon features, access unencrypted
        configuration bitstream or permanently damage the device. Clearly
        this means the device is wide open to intellectual property theft,
        fraud, re-programming as well as reverse engineering of the design
        which allows the introduction of a new backdoor or Trojan. Most
        concerning, it is not possible to patch the backdoor in chips
        already deployed, meaning those using this family of chips have
        to accept the fact it can be easily compromised or it will have
        to be physically replaced after a redesign of the silicon itself.

Unfortunately, it doesn't appear possible to download this paper without
signing up for scribd.  Perhaps it's available elsewhere without such
onerous requirements.

---rsk