Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

Chinese Chip Maker Comments on Backdoor Found on Chip Used by U.S. Military

Earlier this week, SecurityWeek reported on news that Cambridge University researchers discovered a backdoor on a field-programmable gate array (FPGA) chip used by the U.S military. The news originally spread like wildfire, but shortly after, some began to doubt that the story was worth the hype.

Earlier this week, SecurityWeek reported on news that Cambridge University researchers discovered a backdoor on a field-programmable gate array (FPGA) chip used by the U.S military. The news originally spread like wildfire, but shortly after, some began to doubt that the story was worth the hype.

“Our aim was to perform advanced code breaking and to see if there were any unexpected features on the chip. We scanned the silicon chip in an affordable time and found a previously unknown backdoor inserted by the manufacturer. This backdoor has a key, which we were able to extract. If you use this key you can disable the chip or reprogram it at will, even if locked by the user with their own key,” the research overview explained.

The overview, and the fact that China is where the world gets its silicon supply, quickly led to sensationalistic headlines charging the Communist nation with espionage. Yet, some became skeptical because no one else discovered the flaw, and because the researchers are looking to sell the fuzzing technology. They have been accepted to present their work at a peer-review conference later this fall.

Errata Security’s Robert Graham called the news false, adding that while the researchers did discover the backdoor on the FPGA chip, there is no evidence that the Chinese put it there or that it is malicious.

Microsemi, the company who produced the FPGA chip in question, has now responded to the report, and issued the following statement.

“According to these researchers, in order for the extraction of the security key to occur, the pins of the FPGA device involved needed to be physically connected to the researchers’ custom-designed attack hardware. Microsemi has not been able to confirm or deny the researchers’ claims since they have not contacted Microsemi with the necessary technical details of the set-up nor given Microsemi access to their custom-designed equipment for independent verification.”

Additionally, the statement goes on to note, “there is no designed feature that would enable the circumvention of the user security.”

Addressing the backdoor itself, the statement says that it “can only be entered in a customer-programmed device when the customer supplies their passcode, thus preventing unauthorized access by Microsemi or anyone else.”

Advertisement. Scroll to continue reading.

Microsemi says that shipped devices are checked to ensure that the backdoor is disabled, begging the question as to what type of device the researchers themselves were working with. The Register highlighted the same question in their coverage of the Microsemi statement.

“Here in El Reg’s antipodean eyrie, we’re therefore keen to know if Skorobogatov and Woods worked with a brand new FPGA, because if we take Microsemi’s word for it there’s no reason a virgin ProASIC3 would have a passkey lurking within. But we can imagine a used ProASIC3’s passkey being extracted using the researchers’ cunning methods. How did the key get there?”

The full response from Microsemi with respect to the reported backdoor on its ProASIC 3 can be found here.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

Cyberwarfare

WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

Vulnerabilities

A researcher at IOActive discovered that home security systems from SimpliSafe are plagued by a vulnerability that allows tech savvy burglars to remotely disable...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Cyberwarfare

Russian espionage group Nomadic Octopus infiltrated a Tajikistani telecoms provider to spy on 18 entities, including government officials and public service infrastructures.

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.