Backdoor discovered in Chinese chip in USA

51
Backdoor discovered in Chinese chip in USAThe Chinese backdoor (backdoor, undocumented features) was found in a processor in the US, in the course of a study that was conducted in connection with statements by some intelligence agencies, such as MI5 and the NSA, that microchips may contain “bookmarks” placed by manufacturers.

The FPGA (Programmable Logic Integrated Circuit) chip made in China was chosen as an object for study. Unlike conventional microcircuits, the principle and logic of FPGA operation are not determined by the manufacturer, but are given through programming. Chip - Microsemi / Actel ProASIC3 is widely used in many systems, including nuclear power plants and public transport. The difference in the "military" version of the ProASIC3 version is the best resistance to radiation and electromagnetic effects, as well as temperature differences, the design completely coincides with the "civil" version.

After checking the chip for the presence of "atypical functions", a backdoor was placed there by the manufacturer and able to remove the crypto protection from the chip, change the AES encoding key, gain access to unencrypted data flow or cause significant malfunctions, that is, be used as a kind of " master key ", which did not interfere even with the fact that the configuration was protected by the key of the official user. The researchers who conducted the testing were able to extract the code that could activate the backdoor.

The study was conducted at the Cambridge Laboratory for Pipeline Emission Analysis (PEA) technology which was
Developed with Quo Vadis Labs. This method is very cheap - scanning is performed on equipment costing about one hundred dollars.
The test results were published by Sergey Skorobogatov, a graduate of MEPI, who is an employee of the computer security group at the university. According to him, such a “back door” can be used for personal gain, as a kind of advanced version of Stuxnet. The consequences of such an attack pose a considerable threat to the nat. security and public infrastructure.

In turn, David Graham, from Errata Security, an expert in backdoors in chips, described his vision of this news. He is rather incredulous about the find of Sergey and draws attention to several important, in his opinion, moments.
According to his version, backdoors in integrated circuits are quite common and not all of them are used for malicious purposes. Often their presence is due to technical necessity in the development of the system. Each such product passes testing and debugging (debugging) before release, and often developers forget to turn off the debugger before releasing the product.

Computer chips are already approaching the complexity of software systems, they are made from ready-made blocks, including the standard debugger - contacts on the chip, from which you can remove all service information without inserting the chip into the slot designed for it, which hackers sometimes use. Manufacturers, in order to insure against such unauthorized access, without changing the design of the chip, add an AES cryptographic key (usually bits of the 128 bit), which disables the most dangerous of the debugger commands.
David Graham suggests that Sergey Skorobogatov was able to extract just such a key.

To fully understand the situation, you will have to wait for the official response of the manufacturer, which is Microsemi / Actel.
51 comment
Information
Dear reader, to leave comments on the publication, you must sign in.
  1. tronin.maxim Rank
    tronin.maxim
    +5
    31 May 2012 07: 10
    Hmm. Cyber ​​war! And they don’t think of any methods to engage in theft.
    1. YARY
      YARY
      +23
      31 May 2012 07: 16
      Do not tell tronin.maxim! what
      This is a bell and confirmation of the output: defense electronic "guts" must be able to produce yourself !!! angry
      1. tronin.maxim Rank
        tronin.maxim
        +2
        31 May 2012 07: 28
        He said everything right. But until they understand this and establish their own production, it will be too late!
        1. viruskvartirus Rank
          viruskvartirus
          +6
          31 May 2012 09: 14
          "Russia already produces a fairly wide range of chips. In terms of such characteristics as power consumption, service life, the Russian element base has made a significant step forward compared to the early 1990s, because significant money was invested in the re-equipment of enterprises producing these products. Sufficient funds have been invested in R&D. Therefore, the quality of Russian chips is now very close to the world average. " http://299792458.3dn.ru/publ/67-1-0-6477
      2. Dmitriy69 Rank
        Dmitriy69
        +6
        31 May 2012 07: 54
        Greetings, Andrew. Yes, it’s better to learn from the mistakes of others, though it’s not a fact that we haven’t managed to make our own.
      3. Ross Rank
        Ross
        +3
        31 May 2012 10: 10
        YARY,
        The absolutely correct conclusion! No matter how some laugh at Glonas and other domestic electronics, without its development, we will be hostages of such Trojan horses. Thank God at the top understand this.
    2. nokki Rank
      nokki
      +6
      31 May 2012 07: 51
      The most interesting thing is that our programmers help amers! Money doesn't smell!
      1. neri73-r Rank
        neri73-r
        +6
        31 May 2012 09: 35
        Unfortunately, they have built such a system that the whole world helps them! It is called "periphery-center". Such a system existed in the Roman Empire, the British Empire, now the United States has taken over the baton! We have something similar, but on a microscopic scale, within the borders of the country, as well as within the world.
      2. scrack
        scrack
        +1
        31 May 2012 09: 39
        We have to wait until the dollar will cost like a paper candy wrapper and then all the talented people will remain with us
        1. Tirpitz
          Tirpitz
          +1
          31 May 2012 10: 06
          And how long to wait? 10,20,300 years? this is not an option, you need to work, you can wait for such things on your own head that the children and grandchildren will curse.
          1. 755962
            755962
            +2
            31 May 2012 11: 44
            Nobody wants to sell modern technologies to us, Sergey Sobko emphasized. Already, defense plants are forced to purchase individual elements not directly from a foreign manufacturer, but through third countries and import them into Russia almost through smuggling. The deputy recalled that all over the world radio electronics is developing in a cluster. Therefore, we also need to follow this path, placing the entire technological chain in such a cluster.
            http://vpk.name/news/52311_otstam_semimilnyimi_shagami.html
  2. Alexander Romanov Rank
    Alexander Romanov
    +11
    31 May 2012 07: 11
    Once again confirms, you need to do everything your own. All this electronics can go sideways. With the click of a button, bring out the entire defense system. will end
    1. Armata Rank
      Armata
      +7
      31 May 2012 07: 40
      Hi Sasha. I already wrote that we just know how to make guts better than in the West and in China, but the component base is only 80% so far, you won’t do anything with it at the moment (although tests are already being carried out and there is equipment in Novosib for the manufacture of our own microcircuits, but only piece by piece as an experiment, our group of electronic engineers recently tested several of these for use in the control unit).
      1. Alexander Romanov Rank
        Alexander Romanov
        +5
        31 May 2012 08: 26
        Hi Zhenya, and once everything was its own and the best in the world. Can hunchback strangle somewhere champagne note.
    2. Tersky Rank
      Tersky
      +3
      31 May 2012 10: 30
      Quote: Alexander Romanov
      Once again confirms, you need to do everything your own.

      Alexander, Eugene, welcome! At that time, the first vice-premier of Russia Sergey Ivanov informed us on this subject in 2007. I quote:From an economic point of view, and from the point of view of national security, it is inappropriate to purchase semiconductor materials abroad. Despite the fact that the state armament program involves serial re-equipment of the army and navy with the latest models of military equipment, based on the latest developments in the field of electronic component base, the purchase of these components is no longer relevant. Sergei Ivanov said that at present, Russian defense enterprises are able to supply the needs of military customers with semiconductor, microwave components and materials. Well, where is the result? Forever trying to jump into the last car of the departing train. It can be seen extreme, we have national fun ...
      1. Armata Rank
        Armata
        +4
        31 May 2012 10: 47
        Hello Victor. That is the whole point that they release it only for what went into the series, but they don’t want to develop a new one, that's why we act as catch-up.
    3. Cadet787
      Cadet787
      +4
      31 May 2012 11: 32
      Alexander Romanov. Once again confirms, you need to do everything your own.

      Therefore, the defense industry enterprises should belong to the state, otherwise the novices in the pursuit of profit, for 30 silver coins, they will set such a thing that it will not seem enough.
  3. Tersky Rank
    Tersky
    +5
    31 May 2012 07: 25
    It’s them, (Chinese), a friendly hello with a reminder what will happen if suddenly handed over wink Well, ours has a topic for reflection on manufacturers in our country.
  4. zevs379
    zevs379
    +4
    31 May 2012 07: 26
    And do not we have Chinese chips? So wait for the failure at the most crucial moment. You have to set your own.
  5. Deniska999 Rank
    Deniska999
    +2
    31 May 2012 07: 37
    Of course, yours is always more reliable. Who knows what they pushed there ...
  6. Selbrat Rank
    Selbrat
    +3
    31 May 2012 07: 40
    So that’s a normal phenomenon. And we would probably make the same chips, if we would release them at all. Interestingly, now there are Chinese microcircuits in our planes and missiles as well?
    1. alexng Rank
      alexng
      +5
      31 May 2012 08: 01
      All that concerns the "military", then only the components of domestic production and make us no worse than amers. It's just that our technology is more expensive and it is more profitable for a citizen to buy for a rub-hedgehog. So, as for the military equipment that is manufactured for its own armed forces, all the electronics are Russian, and the one that is exported may have options and then by prior agreement with the customer.
      1. Inzhengr
        Inzhengr
        +4
        31 May 2012 08: 16
        About 20% of the avionics components of our foreign-made combat aircraft, in the US this is even worse, there are about 80%.
        1. Armata Rank
          Armata
          +4
          31 May 2012 08: 38
          Engineer Not only avionics, but also ship systems and many other places where imported ones are used, it’s another matter that for the military it passes special control and there the probability is extremely small. As for America, MOOG is the main supplier for the user’s aerospace program. And they do not even hesitate to say that all of their factories in China have placed not only electronics but also hydraulics and mechanical units. So you can not be surprised where China came from.
  7. Edge_kmv Rank
    Edge_kmv
    +4
    31 May 2012 07: 43
    He is rather incredulous about Sergey’s find Well, who would doubt it (he's Russian, but they don’t know what, they only drink vodka)
  8. Ustas Rank
    Ustas
    +2
    31 May 2012 07: 53
    To fully understand the situation, you will have to wait for the official response of the manufacturer, which is Microsemi / Actel.

    But who is officially recognized.
  9. Averias Rank
    Averias
    +3
    31 May 2012 08: 02
    But what about the fact that mobile phones can instantly be turned into a means of espionage? So look, we are slowly going to the times of technocracy and cyberpunk.
  10. Odessa
    Odessa
    +2
    31 May 2012 08: 07
    The event of the day, the United States uses Chinese chips without knowing the controls (access codes) that only the manufacturer knows. laughing Televisions and telephones have already exploded, if someday an oval cabinet explodes and stars fall from the flag, then China is testing another novelty in the field of Internet technologies.
  11. Igarr Rank
    Igarr
    +5
    31 May 2012 08: 16
    Funny ...
    Ddavid Graham is right, Sergey is right.
    Any microcontroller has this backdoor, otherwise the price is worthless.

    Here another is seen. For some reason, the states need to promote the topic of espionage, precisely from the Chinese.
    Who thinks why this is for the Americans?
    1. Armata Rank
      Armata
      +3
      31 May 2012 08: 54
      It is no secret that China is a leader in industrial espionage. and apparently the Yankees have just begun to realize this and are now looking for an excuse to start a policy of restraining the growth of China.
    2. vorobey Rank
      vorobey
      +4
      31 May 2012 09: 31
      Igar look. Are you all right. but your worker snickering and used to ride a turbocharged Porsche began to demand more. You come to me, I smile at you, bow down and say I will do this work 10 times cheaper, but for the difference you build my workshop, train me and get income. You agree, and then it started. I send you one done in two shifts, and then I start reselling what I produce in the third shift myself, simultaneously mastering another production that is not related to you. You gachin to make claims, but I just send you you cannot transport the workshop to yourself, and you can already take away the most valuable knowledge and experience only with your head. But I had foreseen this and invited a few guys with clubs. and you just can’t even come to me. So it remains for you to return the technology, experience to your tired worker to scream that I am a thief, I have stolen, I am doing poorly, etc. And then I’m on the drum, your customers charge me a lot less. And so that you do not do the dirty things, those clubs that I sell to your security forces, I file a little. that's all. It's childishly simple. And who is all the same a sucker in this situation?
      1. Igarr Rank
        Igarr
        +1
        31 May 2012 10: 28
        Yes, vorobey, exactly.
        An attempt to at least somehow discredit the reputation.

        Themselves, shtatovtsy .... only in debt instruments used to stick in.
        ".................. And here, Bermuda ..
        Why, you can't do that .. "

        We just do not burst.
        About Skolkovo ceased to broadcast loudly.
        Or, the main one in the sandbox?
        Or, it’s just nice to think about it .. - such progress is brewing there, that give way.
        As always in Russia, “friends” would not help, actively.
        And we will overcome everything else.
        1. vorobey Rank
          vorobey
          +1
          31 May 2012 10: 33
          I heard such a cartoon that the Chinese tried to buy Skolkovo, I don’t know how true it is.
  12. uralkos Rank
    uralkos
    +6
    31 May 2012 08: 18
    I can say what I myself know. We have better chips and processors, as well as in recent times, and arrays for night vision sights than others. Few people know that our specialists sold part of their secrets to Intel and that’s why they were able to slightly improve the quality of parallel processes. By the way, our processors work without active cooling. And the matrix for sights surpasses analogues almost twice. It is a pity that we do not know our heroes in person, but given modern espionage, this is rather for the better, primarily for the nat. security.
  13. Follow us Rank
    Follow us
    +3
    31 May 2012 09: 17
    Microsemi is an American company, if that. Digging for themselves? winked Undocumented features are present in so many processors.
  14. vorobey Rank
    vorobey
    +5
    31 May 2012 09: 20
    What for fight?
    Quietly, he pressed the button once — the Abrams stopped turning on, pressed the lva button — F22 threw wings away. I clicked a little Christmas tree and missile defense will not help.

    The yellow-faced brothers have their own cockroaches in their heads. How many of these have been put to our interest
    1. Alexander Romanov Rank
      Alexander Romanov
      +4
      31 May 2012 09: 47
      Sanya, and the computer in your country is made? Mobile, fan and other junk.
      1. Armata Rank
        Armata
        +4
        31 May 2012 09: 51
        Sasha. Well, you won’t shoot from the mobile phone and you won’t fly on the fan, but with regards to the harrows, our Indians prefer it here. Chinese is extremely small.
        1. Alexander Romanov Rank
          Alexander Romanov
          +4
          31 May 2012 10: 00
          I didn’t know Zhenya, and the Indians themselves do not go into China for an hour.
          1. Armata Rank
            Armata
            +2
            31 May 2012 10: 30
            But the FIG knows him. Our megavolts need to ask this question. I go to the smoking room there and find out.
            1. Armata Rank
              Armata
              +2
              31 May 2012 10: 53
              Nifiga. Everything only from trusted Indians and with the permission of the MO. He asked about the counterfeit and also twirled his finger: "Ofigel, even an extra resistor cannot be dragged into our lab"
        2. vorobey Rank
          vorobey
          +5
          31 May 2012 10: 08
          In the US Air Force, pilots and mechanics often communicate through records in
          logbook. After the flight, the pilot records the detected faults, the mechanic responds to them and records the work done. Sometimes it looks something like this ...

          Request: The left inner wheel of the main chassis almost needs to be replaced.
          Answer: The left inner wheel of the main chassis is almost replaced.

          Z .: The test flight was OK, but the autopilot is having difficulty.
          A .: No autopilot is installed on this aircraft.

          Z .: Something is missing in the cockpit.
          A .: It is necessary to become attached.

          Z .: Autopilot in horizontal flight mode shows a decrease
          20 meters per second!
          A .: I can’t reproduce this on earth.

          Z .: Dead beetles on the windshield.
          A .: We have already ordered fresh ones.

          Z.: There are incredible noises in the headphones!
          A .: Noises are brought to more probable.

          Z .: Knock in the cockpit, as if a little man had a hammer.
          A .: A little hammer was taken from a man.

          Z .: Many flies in the cabin.
          A .: Flies are recounted - the number corresponds.

          Z .: The cockpit is dirty - it’s not good for pigs!
          A .: The cockpit is washed - suitable for pigs.

          Z.: On the dashboard, three cockroaches are seen.
          A .: One was killed, one was wounded, one managed to escape.

          Z .: Captain Evans is leaking a pipe.
          A .: No comment.
      2. vorobey Rank
        vorobey
        +5
        31 May 2012 10: 05
        Sanya, I do not argue that in China. Therefore, I say that they are handsome. And we tried to buy our Opel and, apart from the painters, didn’t make anything. They are afraid that technology will get to us.
        1. Alexander Romanov Rank
          Alexander Romanov
          +3
          31 May 2012 10: 17
          Sasha, what kind of problem is the disassembled Opel? If you had seen in what condition the cars come from Japan (the designer), and then the cars are made from this, it’s better than before the cut! We have enough kulibins, a desire is needed. It’s easy to disassemble the maibah.
          1. vorobey Rank
            vorobey
            +3
            31 May 2012 10: 22
            not in this case. Sanya. There are certain technological processes in the manufacture of an engine, etc. which go one after the other, including heat treatment and many other lotions. explain and write for a long time, finger rubbed the corn. Under this business, equipment and stuff is selected. It’s easy to assemble or disassemble a machine unit, but how many files will you need to mold from a Kirov Maybach?
  15. kontrzasada20
    kontrzasada20
    +4
    31 May 2012 09: 46
    And recently, who sent Sukhoi uphill? That's the question of whose avionics he has, maybe someone took control of the aircraft and the pilots did not understand what was happening? It may or may not be.
  16. Shumer
    Shumer
    +10
    31 May 2012 09: 50
    Eh, the Internet, cell phones and other means of wireless communication - our grandfathers long ago invented an excellent, reliable way to deliver information to the enemy laughing
    1. Tirpitz
      Tirpitz
      +5
      31 May 2012 10: 13
      this is not sms, this is a modernized pigeon mail, only the weight of the delivered parcel is increased. laughing
  17. Juga
    Juga
    +4
    31 May 2012 10: 54
    Well done, our Serge, found a backdoor in a chip released in China, BUT developed in America!
    For the sake of truth, I’ll write that a certain Christopher Woods was co-authored.

    If interested, here is a photo of a test bench worth about a hundred bucks (the computer is not shown and is not included in the price):

    Prototype.


    Final version.


    He writes that it takes about an hour to remove a custom 128-bit code ...

    PS And the Chinese themselves in the instructions for the above-mentioned chip strongly recommend "grounding" the JTAG test inputs in order to avoid "malfunctions".
    1. vorobey Rank
      vorobey
      +5
      31 May 2012 11: 03
      Well, hell did he find it there? it would be better if I found and warned ours, quietly, quietly. And let the amers fight with China.
      1. Juga
        Juga
        +4
        31 May 2012 11: 08
        Cowboys are even talented people ...
        As said:
        They pay for betrayal, patriotism is disinterested.
        1. vorobey Rank
          vorobey
          +4
          31 May 2012 11: 11
          As O. Bender said, in my childhood I killed such slingshots.
  18. kotdavin4i Rank
    kotdavin4i
    0
    31 May 2012 11: 05
    Once upon a time, everything was on our lamps and worked perfectly - maybe we will return ???
  19. Drugar
    Drugar
    +3
    31 May 2012 11: 43
    To fully understand the situation, you have to wait for the official response of the manufacturer ...

    I am afraid that in order to fully understand the situation, I will have to wait for the outbreak of World War II, then everything will become clear: where and what bookmarks, who bought from whom, and so on ... Here is the "manufacturer's answer".
    1. sealord
      sealord
      +1
      31 May 2012 13: 53
      have to wait until the start of the world war, then everything will become clear

      When it starts - Internet and so on. will not be. FROM WHERE, will you receive "confirmation"?
  20. Pilot200809 Rank
    Pilot200809
    +2
    31 May 2012 13: 40
    You have to do your own, or at a certain moment, it either refuses or fades in your
  21. Oleg777
    Oleg777
    -1
    31 May 2012 18: 37
    Here are quick-eyed crooks !!! If they infiltrated the Pentagon with a counterfact, what can we say about others?