Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 18 submissions in the queue.

Submission Preview

Link to Story

Analog malicious hardware

Accepted submission by Anonymous Coward at 2016-05-27 11:58:18
Security

An Anonymous Coward writes:

https://lwn.net/Articles/688751/ [lwn.net]

"Worth a read: this paper [PDF][1][2] From Kaiyuan Yang et al. on how an analog back door can be placed into a hardware platform like a CPU. "In this paper, we show how a fabrication-time attacker can leverage analog circuits to create a hardware attack that is small (i.e., requires as little as one gate) and stealthy (i.e., requires an unlikely trigger sequence before effecting [sic] a chip's functionality). In the open spaces of an already placed and routed design, we construct a circuit that uses capacitors to siphon charge from nearby wires as they transition between digital values. When the capacitors fully charge, they deploy an attack that forces a victim flip-flop to a desired value. We weaponize this attack into a remotely-controllable privilege escalation by attaching the capacitor to a wire controllable and by selecting a victim flip-flop that holds the privilege bit for our processor.""

[1] Link to PDF in article: http://static1.1.sqspcdn.com/static/f/543048/26931843/1464016046717/A2_SP_2016.pdf [sqspcdn.com]
[2] Read PDF online as images: (Large print) https://archive.is/n43DY [archive.is]
[3] Read PDF online as images: (Small print) https://archive.is/7vbNp [archive.is]

Original Submission