The Semiconductor Security War
- Published 2 Jun 2024
- Modern chips own your life. For instance, take the A15 SoC sitting inside your iPhone. Inside that chip are multiple security assets of high corporate value: encryption keys, developer keys, DRM keys, and so on.
Furthermore, imagine how much of your life's business is conducted through your mobile phone. For instance, my phone holds my biometric information, my bank access information, passwords to all my services, and so on.
Software security protections are frequently built on the tenet that "trust starts in silicon". But a house cannot be built on soft sand. Likewise, a secure system cannot be architected on top of compromised hardware.
In this video, I want to talk about the daunting problem of maintaining security in today's modern semiconductors.
Links:
- The Asianometry Newsletter: asianometry.com
- Patreon: / asianometry
- The Podcast: anchor.fm/asianometry
- Twitter: / asianometry
I hope you enjoyed the video.
I did! :D
Love your content man.
firmware security might be an interesting topic you might want to explore
Thanks again for all of these awesome videos!! You rock :D
Wait…
You’re talking about China, aren’t you?
Definitely China.
Hardware security is a field which is not in the limelight and many people are unaware of it. Thanks for highlighting this.
It's obvious, but I never even thought that someone could insert malware in chips before they are produced
A well thought out and implemented version control procedure with proper security should make it impossible to insert trojan logic, unless trojan engineers have penetrated a company.
@coraltown1 I'm not sure how version control is used / can be used in the backend chip design flow. In the front end it's mostly Verilog code, but in the backend it's mostly about the layout and mask representation of the chip that goes into the fab for manufacturing.
I briefly did some maintenance work for Nikon in California and the chip designers worked on specialty computer hardware that never connected to the internet, and would only connect after multiple hardware authentication steps were completed.
Hardware security at all levels is paramount not only for corporate supremacy, but national security.
We have reached the point where outsourcing semiconductor production makes as much sense for any state as outsourcing their armaments industry. The stakes are just way too high.
imagine if taiwan gets nuked by china whole world is doomed 😂😂😂
Agree. (PS. I see you have 1 comment [before mine posted] but when I click on your comment I don't see it. What gives?)
I mean, most countries do outsource their armaments industries, to various extents.
@@MFMegaZeroX7 true , maybe outsourcing your armed forces would have been a better analogy . Mercs are fine until the day they resign or decide to point their weapons in the opposite direction.
@@mineown1861 Your original comment was made from a WASP point of view. @MegaZeroX7 just pointed out the hypocrisy of that
I used to work at a very high tech security firm and one thing which became obvious was that you must build security solutions assuming zero trust. The analogy of building house on sand is actually appropriate. authentication solutions (the most fundamental level of security as they determine friend from foe) must include breech detection and that can be done even on a compromised system or chip. Sure, it's good to have a trusted execution environment but relying on a fortress is stupid if bugs represent an unfixable hole in the wall and when the enemy has bunker busters
A NOT gate: from "your mom" to "not your mom". Hah!
This was a great video and very well researched. One little detail is that "GDS II" is "graphic design system two", though given the popular "ASCII = ASK 2" joke it is natural to err on the other side.
Thank you for making such a research and qualitative content 🙏
The players able to do hardware hacking at design and foundry level must be extremely technically competent and sophisticated. It can only be done by big organizations, not individuals nor small gangs. Asianometry, can you tell us who the players are?
It's usually govt organisations. I think most large scale hacks are also perpetrated by them. It boils down to the economics of executing such a hack, which usually isn't some lone dude in a basement.
It's hard to prove that anyone is doing hardware hacking at the foundry when most devices use chips that are flawed by design. Spectre being one of these cases, if I recall correctly. Except for simple chips there are always corners cut, and someone somewhere did something wrong because it works faster or it's convenient.
I can't recall a proven foundry hack. It's usually abusing bugs in by-design hardware. Apple also kinda solved this issue with the secure enclave. It's an in-house chip that stores the private keys for the device and never shares them. If you only have 1 chip to look after then it's way easier to manage secure manufacturing. And even then there are the normal type of bugs and hacks.
Essentially supply chain attacks are the domain of government actors exclusively, it costs a *lot* of money to carry out this kind of attack
Glad that you didn't accuse China
@user-lx7kx1dd3q because China doesn't have this capability 😂
This is a layer of explanation that most people are not even aware exists!
Having watched this, I understand and appreciate the challenges that go into the making of a great product. Thank you!
very informative & well organized. keep it up!
One of the few videos from today that were not stupid April pranks. Thank you!
What about closed source IP in black boxes that are bought and inserted into a netlist, and nobody knows what that black box contains?
Great pictures choice for this video. And very interesting as usual!
Fascinating insight into this side of the process.
Wow! So deeply explained. Subscribed immediately!
Excellent review of attack surfaces in hardware design and foundry.
Damn you have grown super fast, I remember back when you had around 2000 subs, I knew that your content was great :-)
The real question is are there real world examples of where this has actually happened and analysis of how it was done ?
Rowhammer
@cannonball7 Rowhammer is an attack technique that targets a wide range of existing DRAM implementations. This video is about intentionally introducing vulnerabilities to hardware. So no, Rowhammer is not a real world example.
All the real examples of supply chain attacks I am aware of are far less sophisticated than anything in this video. Technically, distributing a poison USB is a supply chain attack, and that is pretty common. Post-silicon attacks are also regularly attempted against open source firmware projects, but I do not know of a successful example.
Most countermeasures exist to defend against hypothetical attacks and idiot mistakes with the same result. Simple processes like change-review mean you would need a conspiracy within a company rather than one rogue individual to accomplish any supply chain attack. And those processes are necessary to save your product from simple mistakes.
edit: Assuming the Supermicro compromise is real, that Bloomberg article he references in the video is probably exactly what you are looking for. But that is sort of a big assumption.
ua-cam.com/video/_eSAF_qT_FY/v-deo.html
Stuxnet / Olympic ?
You have your banking, biometrics and passwords to services on your phone?
That's just asking for trouble. Is your identity that unimportant?
Of course someone may want you to store all the keys in your phone and not in a separate place like your brain or a piece of paper. They propose you use some preset and unchangeable key called a TPM. There are options that are convenient and easy for you.
Amen
I'm very impressed with the quality of the explanations in this video!
Great video. Very educative. Especially for VLSI students
Bro you're a gem.. Good stuff.. We appreciate.. Keep it coming
My God, you're good :-) Not so long ago I would say that analyzing is dreadfully boring and rancid. You are proving me wrong every time I watch your work. I'm so happy to be wrong ;-)
From what I know, machine learning is used to QA wafer structures with SEMs. Unless the QA system is also compromised it may show up as a defect.
Makes me wonder if FPGAs could be used for critical security operations; after all, FPGA function is determined after manufacturing and depends entirely on software.
Possibly even worse because it's even harder to verify that the code you loaded is actually what's being executed. You'd need to do simultaneous active reads of many transistors... at different depths...
Oh, I had more military use in mind: an FPGA programmed in the field, with RAM as exclusive memory, so the moment power is cut the hardware is useless.
And it's a very common part, for the military a very attractive and quite secure option.
Thanks. This is very informative!!
Thanks for the video!
Too bad you didn't talk about voltage fault injection. That's the most interesting one to me because it's stupidly simple but also easy to mitigate, yet for some reason it is often left unmitigated.
Wow never knew these things existed lol. My only experience is with the Xilinx IP ecosystem, and I'm not too well versed with security, so never knew about this. Enjoyed it! :)
Enlightening & Thanks
The flip-flop character of the transistor is the key problem too, and so anything that uses transistors is compromised. I warned about this nearly 20 years ago when I proposed shielding and using ribbon flat wire.
What are the chances that Intel , apple , etc have integrated a number of zero-day hardware vulnerabilities?
100% Intel Management Engine and a custom MINIX OS running pre boot loader for the last 5 generations of IC chips. AMD has a similar system but I can't remember the name. Intel also tried to pay off researchers that revealed the Spectre v2 vulnerability. The US Government specifically required Intel ME to be removed on the systems they purchased.
As an aside, back-doors have been found in silicon for the aviation industry a few years back, which led the US military industry to start producing their silicon onshore, first voluntarily then by mandate soon after. China managed to get x86 through purchasing the company VIA, which was bad enough. VIA produced ICs with undocumented register calls that allowed access to Ring 0 and lower; there is an excellent Black Hat conference presentation showing the process to access said functions (ua-cam.com/video/_eSAF_qT_FY/v-deo.html)
Christopher Domas (the researcher that discovered those register calls and was gainfully hired by Intel months after this conference) practically brute forced attempts to call the register and then timed the response to garner an idea if anything interesting was in those sectors. You can imagine the number of calls that led to the system hanging, or rebooting. A monumental effort to discover those keys, and they weren't even really trying to obfuscate them; nowadays good luck. Newer functions are buried in completely isolated subsystems that are inaccessible by routine memory address registers. Modern computers have a smaller computer that operates outside your OS and initiates before even the boot loader has (see Intel ME and MINIX OS). Scary stuff.
In order for the Media Engine to perform its function, it needs to run an operating system in a totally isolated environment. This means that it cannot do so by accessing the system's RAM or the storage of the system itself, needing for this its own RAM and also its own storage, which in this case is in the Media Engine itself.
The choice of MINIX for the Media Engine functions makes sense for Intel, as it is an operating system that is light enough to fit into the ME’s NAND Flash memory and can be used in isolation by the ME. In addition, its location in the chipset gives access to all the input and output interfaces of the chipset, including the network ones, which is necessary for remote control of the system.
Intel and AMD absolutely have sub ring 0 access, and further, if China assimilates Taiwan and they inherit TSMC you can all but ignore the notion of data security from every angle imaginable.
Sorry if this wall of text seems disjointed, I'm on mobile and just spitballing here.
@aerosoapbreeze264 "If china assimilates Taiwan and they inherit TSMC you can all but ignore the notion of data security from every angle imaginable."
Surely only from the Chinese (or Chinese allied) angle. This can't be a game played by only one side or one faction. The game of espionage is as old as the hills and every nation plays it. The game of producing compromised communication systems is also very old and goes way back into pre-silicon times. I have heard that the US gov got a copy of every telegram sent in America during WWII, no need to presume it stopped then and I have also read of how the CIA produced and sold analogue encryption machines. The implications are obvious.
Probability of 1. It's so hard to get something correct for every case. Then you look at the complexity of their designs and the number of gates. It is improbable there is not a vulnerability. There could be errors in their EDA toolchain that cause vulnerabilities. Humans just make mistakes.
Thank you all for confirming what I thought was true
@jakedee4117 I think you are referring to the story of Crypto AG. The story went a bit under the radar, but the podcast Malicious Life did a great episode on it.
I love to see the tool I use at uni being shown here!
I always think about finding a way to run encrypted code on any compromised processor. But I guess it is impossible since you need to access memory anyways.
Market disruption has become the core business model...so all sorts of security will keep cropping up !
I didn't know how much I didn't know till I started watching your informative information. Thank you. :)
Love it!!
That timing diagram gives me Vivado flashbacks
It's highly plausible that this has already been implemented and deployed by nation-state actors, in multiple instances :(
Fantastic!
Scary, the technology and knowledge involved in this type of activity is so complex that it amazes me that it even exists. At this level it's got to be government funded; who else could afford the technology required? I find it hard to believe it could be a competitive situation between companies, because what would they really gain if they could access every iPhone etc. Just pause and remember who pays for the majority of governments sophisticated enough to be interested in this level of invasion.
It's basically the hardware version of the Ken Thompson trust issue.
I hope one day in the future we can fab our own open source chips at home... but then we have to trust the chips in the machine we're using.
One would have to start out with diodes and the fab themselves all the way up to modern chip tech.
In the near future that will be 100% impossible to do for a single person in one lifetime.
A lot of advancement in PUF for chip security. TSMC is working closely with an IP company to deliver the solution to clients.
It is even more complex when circuits are deliberately integrated into the design, particularly when the chips have direct access to the internet, as in chips used for router or ethernet hardware.
hey algorithm, this channel is accurate and engaging. :)
I remember (from my university probably) that the Soviet Union at some point decided that it was way too expensive to compete with the US in hardware design, so they started copying and decided to spend the freed resources on software design instead. I believe that there were even some machines that took away layer by layer of silicon just to see the full design of an IC. On the other hand it is clear that governments themselves are usually the ones behind these vulnerability insertions. My question is whether they also copied already existing vulnerabilities from original designs, since I highly doubt that there weren't any already inserted by original manufacturers.
Decapping/delidding is an old method. Even used by those of us in SoCal during the early days of chip design to see what others were doing. Many modern chips have protection against such attacks now. To learn more, read up on the satellite TV wars, where much of this tech was advanced quickly. It's a deep, interesting rabbit hole.
@nobodynoone2500 Thank you! I just watched Chris Gerlinsky's amazing satellite TV hack project. I am not an expert on cryptography or hacking, but my assumption was more about logic circuits. Especially when you copy a processor architecture you might end up adding some benign and useful, at first glance, logic which might add some predictable timing fluctuations or something else making it a lot easier to decipher. It would've been so ironic if the Soviets were threatening all the rest of the world with their nukes not realizing that their satellites were being completely deciphered in real time with almost no effort.
9:55 What?? The fuck??? That ring oscillator sounds fucking baller as hell! I just learned about timing optimization, this is the coolest manipulation I've ever heard of!
A really cool look into the internals of chip design! Seems some ML/AI could be a good fit to hunt down compromised systems.
Implanted HW on-chip security breaches exist for many purposes and are first of all done by the manufacturers themselves to get back door access they might need. This is why government critical security systems like nuclear missile systems must be running on 100% secured silicon.
A well thought out and implemented version control procedure with proper security should make it impossible to insert trojan logic, unless trojan engineers have penetrated a company.
I guess inserting a Trojan may need a team in the design house; how is it done?
12:30 the term is “silver bullet,” not “gold bullet.” :)
This security thingy is a massive problem. At the end of the day, we all have to trust. And it is less a problem for the consumer than for the manufacturer. When it comes to quality assurance by the manufacturer of his devices, he can never assure the security of his chips. This gives the buyer, mainly profit oriented hardware companies, the opportunity to push down the price targeted by the manufacturer.
In my opinion, the best solution is to forget about certain aspects of the security infrastructure of a chip, in its entirety. The question whether a chip is safe or not is comparable to the question: is the cat in the box alive after someone exposed it to deadly poison?
My computer got BIOS rootkited a few days ago. I'm not fazed by that though. Unless it starts generating a lot of internet traffic or such it can just sit there. I can always take out the wifi card and just use the pile of junk for programming. I'd say my life would be a lot better.
that your mom joke was so bad but delivered so well, it went back to good
**slow clap**
I would reengineer the gate level netlist from the GDSII files for manufacturing and do an equivalence check with the golden functional gate level netlist.
Let's be honest, the whole thing falls apart at verification anyway, which as I understand it isn't really currently possible to do. Please check the talk on the UA-cam video:
Wednesday 11 00am Keynote Address Impedance Matching Expectations Between RISC V and the Open Har
And he also has some ideas on how to maybe prevent some of the attacks.
Wouldn't something like an ATPG scan capture any monkeying with the hardware design after layout? This would be where the output from the design should be compared to a theoretical output given by the EDA tool.
Judging by that Coinbase picture, you need to hear this... Not your keys, not your coin!
EDA industry represent
That opening comment about storing your personal biometric information is likely misleading. The biometric data is always stored in a way that's specific to the biometric software and hardware used on that device. It's usually not an image or other common format as most lay people assume.
What this means is that biometric data is useful only on that device or another device set up exactly the same way... If someone somehow accesses and obtains a copy of your biometric data from your phone, it can't be used to gain access to your PC, a website, your banking account through a website and so on... Again, it can only be used to gain access to the original device it came from or another device set up exactly the same way.
So, it's usually no big deal if your biometric data is somehow stolen or accessed.
Jeeeeez did not know about this
Have any trojans been discovered this way?
Would we even be told about it if they did?
Pretty sure whoever discovers it is publicising it as soon as possible.
Academics love this kind of stuff and they are the ones who usually find it.
So many methods for hardware trojan prevention should mean that lots of such injections happened in the past. But I haven't heard of any.
Are these problems real? Or is it just exploitation of fear by researchers?
is there data on how many phones are compromised?
This video describes every intelligence agency gathering methods. You forgot… backdoors ;) #yourmom
9:14 Link please
Could chip hackers adjust designs to increase compute speed?
You can, but most chips are run pretty close to maximums these days. Once you start overclocking, you are playing the 'silicon lottery' as some chips from a batch will only run stable at stock speeds, while others will run well boosted, while still others will SEEM to run fine until an edge-case hits, making it intermittent and very very hard to troubleshoot. Your margins are typically under 20%, often under 3%, and it's a pain and possibly unstable. Just buy a faster chip to begin with.
What a very well constructed joke about my mom being turned on
This is insane
I guarantee the NSA has more than zero modifications to popular pre-made designs. Lookup “Crypto AG.”
But the guys on top of Crypto AG knew they were doing it. They were deceiving the people they sold the hardware to, but the hardware itself wasn't tampered with by a third party.
FYI “GDSII” is usually best pronounced “GDS TWO”. I used this file format in the 80’s. The “II” are Roman Numerals.
John@Asianometry is almost unique on the webtubes, providing actual technical news and information - actual technical, not just the patronizing jargon and bullsh*t used by certain major whistleblowers and leakers...
Means: it's impossible to trust humans!
jose rey dabalos
make a video on china's own 28nm lithography machines
Today I learned chips can't be trusted
👍
Any examples of pre-silicon and in-silicon attacks? Are there HW trojans being caught? This feels like an interesting security exercise, but I have a hard time imagining we live in such an Ocean's 11 world.
Thing is, if you do discover one you are NOT predisposed to letting the public or even a limited audience know.
Why let your adversary know your capabilities and that their plot is foiled?
@mduckernz That makes perfect sense, but... but I want to know!
Bold of you to assume I own an iphone
Could you make a video talking about the different cybersecurity companies that offer their software to enterprise companies and the public e.g Norton security
did you just use Norton as an example of cybersecurity? lol.
The key would be to control your tooling down to the mask level (the layout), i.e., separating the pure software/data phase from the physical implementation phase. Masks can be compared to the generated layout, and even a fabbed chip can be compared to its layout without reverse engineering it. It is of course true that many of the EDA phases get "thrown over the wall", that is, a Verilog design can be sent to a vendor to be laid out. However, the security there is up to the client. If the chip needs high security, the client can bring the tooling in-house to be more secure.
What if there was a hidden trojan in this video, teaching you so that you feel you know methods to mitigate trojans except you don't :D
First thing that comes to mind is the supermicro hardware compromise
A disgruntled employee, a nation state.
Oy veY
How tf do you even get anything done if you spend that much time on trying to confuse anyone who looks at the chip
Intel Israel.. backdooring since its inception.. coding Windows.. major global infrastructure controller.. Unit 8200.. Talpiot..
Nuff said
It's all just backdoors. More about maintaining CONTROL than security.
Salted hash
You own property you pay for. Just because a certain hammer design is patented does not mean I cannot repair or modify it as needed. Do not invade human rights or your companies will be liable for damages.
My tin foil hat is resonating... thanks for highlighting a looming issue, "embedded trojans" that only become active when a bad actor initiates an attack.
I aint have no iphone
Silicon is the least secure human invention.
I bought Precursor by Andrew "bunnie" Huang and Sean Cross.
It is on FPGA, but they want to build an optically verifiable phone eventually.
In the latest post on Crowdsupply, Andrew said they have 200 more devices in the current batch.
Support their effort if you want your telecommunications to be more secure.
Simple and honest, that is what you two have achieved in everyone's hearts. I truly respect and admire you both. May you both always keep this feeling 💋💋❤️❤️❤️
So can these tests be juked the same way volkswagen juked their tests? If so, we're all fucked.
8:35 "no golden version of the chip design" .. wrong, the design is version controlled every step of the way starting on day 1. Every change is checked in, pre verified, and then 'released' for further testing. Unless you've worked in a CPU/SOC design/fab/verification house you can't quite imagine all that goes into the process.
I’m not Asian
If you look in the mirror and squint, you can just make it out.