January 3, 2008
A single innocent or intentional bug in a computer's processing chip could lead to a huge security disaster. That's the warning recently issued by cryptographer Adi Shamir of the Weizmann Institute. Such a bug "can be secretly exploited in an essentially undetectable way by a sophisticated intelligence organization," he wrote in a research note. "Almost all the presently deployed public key schemes will become vulnerable to such an attack."
Shamir collaborated with Ronald L. Rivest and Leonard M. Adleman to create the RSA public-key cryptosystem three decades ago. Widely used, the RSA scheme is one of the world's most important encryption algorithms.
Processing chips have contained flaws in the past. In 1994, for instance, Intel's newly introduced Pentium chip for a time incorporated incorrect arithmetic. In general, however, cryptographers have considered such flaws extremely difficult to exploit because of their rarity. In addition, manufacturers almost always notice and then reject defective chips.
But now, according to Shamir, there's the danger of the so-called poisoned input. If a spy knows of an error that a particular type of chip makes, he can send a cleverly disguised message to the recipient's computer, forcing it to perform the erroneous computation during decryption and, in the process, reveal the secret key required to decrypt a message. What makes such a bug attack especially dangerous is that faulty chips might find their way into the sensitive computer systems of banks, governments, and high-security facilities.
"This illustrates in a very crisp way what makes security so difficult," Paul Kocher of Cryptography Research told Science News. "There's this assumption in cryptography that every other part of the system is working perfectly, every processor and every chip and every Internet transaction. Very often, those assumptions aren't correct."
Source: Science News, Dec. 8, 2007.