With many believing open-source software is more secure than proprietary software, we are now also seeing attempts to apply a similar theory to hardware development. At the 36th Chaos Communication Congress (36C3) hackers’ conference last month, however, experts Andrew “bunnie” Huang, Sean “xobs” Cross, and Tom Marble raised doubts about whether employing open-source development is enough to solve trust problems in hardware. Huang spoke at length on the topic.
Differences between hardware and software in terms of trust
Open-source software’s safety lies not only in its openness, but also in widely used tools that help ensure the program you run at the endpoint is true to the published source code. Programmers sign their software with a digital certificate, for example, and the system checks the certificate before running the software on a user’s computer.
With hardware, it’s a different story. With no hardware analogs for hashing or digital signatures, users have no tools to check hardware’s authenticity against published information about it. The last time a device or chip is actually checked is at the factory. And the longer the gap between factory check and device use, the greater the chance of a successful MITM attack.
What can go wrong?
Generally speaking, anything at all can happen to chips or entire devices between leaving the factory and being used for the first time. To begin with, firmware can be replaced. (Sure, firmware is actually a software problem, so it can be verified, but you still have to rely on hardware during verification.) That’s why Huang focused on problems — component replacements, modifications, and implants — having to do strictly with hardware.
Adding components
These days, a totally unauthorized module can fit into a charging cable’s USB connector. Naturally, it’s even easier to tamper with more sophisticated multicomponent equipment that provides much more room for implants. The only good news here is that it’s relatively easy to detect added chip.
Substituting components
The simplest substitution trick is to tamper with marking. One real-life example: A misbehaving microcontroller showed, on visual check, to have the right mark (from STMicroelectronics) on an altogether different chip. That time, the cheat was an expensive component replaced with a cheap one, but the replacement could have contained anything at all.
Chip modification
People tend to think that chips cannot be modified once out of the factory, but that is not so. In many cases what we see as a single chip is actually several separate microcircuits in one package. An experienced adversary can use the same technology to put one more tiny piece of silicon into the very same package and connect this implant to existing contacts.
In fact, equipment to do just that is relatively inexpensive and readily available (according to the speaker, a used wirebonding machine from China costs about $7,000), although the falsified results will be detectible in X-rays.
Wafer-level chip-scale packages (WL-CSP) are much costlier to modify, but X-rays won’t reveal the deception.
Integrated circuit (IC) modification
Typically, companies design chips for their field-specific tasks but outsource them for production; only large market players can afford to produce their own chips. In this kind of arrangement, there is more than one way to modify the end product such that it still complies with the terms of reference. Moreover, after a chip or device is out of the designers’ hands, it’s rare anyone bothers to cross-check the resulting product against the original specifications.
At what point can hardware be altered?
The presenter offered several substitution scenarios ranging from fairly tricky (in-transit interception of cargo as an extreme example) to comparatively easy. Broadly speaking, anybody can buy a product, tamper with it, and return it to the seller, who can sell it again. And, formally, at various stages of procurement, the manufacturer’s packing team, customs agents, and many more parties have access to the equipment, and any of them can tamper with it if they choose. For all intents and purposes, using open-source hardware will not improve security much.
Conclusions
Toward the end of his presentation, Huang speculated about what hardware production changes could enable end users to verify the safety of chips and devices. Those interested in the movement’s philosophy, as well as the technical details of chip modification, should view the presentation video.
Not all of the many ways to make hardware dangerous are expensive or laborious, and most important, there is no direct correlation between an attack’s complexity and how difficult it is to detect. As for business users, stay mindful of the threat and do not rely solely on endpoint security products; corporate infrastructure protection systems fend off advanced threats and targeted attacks.