Communications of the ACM
Nsa's Own Hardware Backdoors May Still Be a 'problem From Hell'
The U.S. National Security Agency, and its adversaries, have inserted secret backdoors into computer hardware for surveillance purposes.
Credit: Shutterstock
Computer hardware into which secret backdoors have been inserted by the U.S.'s adversaries is a tremendous security problem, and recent news reports based on leaked documents indicate that the U.S. National Security Agency (NSA) has itself employed this strategy, colluding with U.S. companies to incorporate backdoors into hardware for the purpose of surveillance.
Detecting compromised hardware is virtually impossible, and hardware can access data and perform other functions in ways that are hidden from software.
An October report by The New York Times says the NSA put backdoors into certain encryption chips that governments and businesses use to secure their data, and it collaborated with an unidentified U.S. manufacturer to add backdoors to hardware about to be sent to an overseas target.
Columbia University professor Simha Sethumadhavan says the buyer of a computer chip cannot check to see whether it is compromised, given the many steps and companies involved. "Each and every step in the process can be compromised," he warns. Sethumadhavan says the simplest chip backdooring strategy is to slip extra circuits into third-party IP blocks often purchased by chipmakers, a method aided by a lack of screening tools.
NSA critics say the untraceability of hardware vulnerabilities, and the potential for embedding backdoors within numerous systems, also raises the risk of intelligence agencies exceeding legal surveillance limitations.
From Technology Review
View Full Article
Abstracts Copyright © 2013 Information Inc., Bethesda, Maryland, USA
No entries found