Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

Chinese Chip Maker Comments on Backdoor Found on Chip Used by U.S. Military

Earlier this week, SecurityWeek reported on news that Cambridge University researchers discovered a backdoor on a field-programmable gate array (FPGA) chip used by the U.S military. The news originally spread like wildfire, but shortly after, some began to doubt that the story was worth the hype.

Earlier this week, SecurityWeek reported on news that Cambridge University researchers discovered a backdoor on a field-programmable gate array (FPGA) chip used by the U.S military. The news originally spread like wildfire, but shortly after, some began to doubt that the story was worth the hype.

“Our aim was to perform advanced code breaking and to see if there were any unexpected features on the chip. We scanned the silicon chip in an affordable time and found a previously unknown backdoor inserted by the manufacturer. This backdoor has a key, which we were able to extract. If you use this key you can disable the chip or reprogram it at will, even if locked by the user with their own key,” the research overview explained.

The overview, and the fact that China is where the world gets its silicon supply, quickly led to sensationalistic headlines charging the Communist nation with espionage. Yet, some became skeptical because no one else discovered the flaw, and because the researchers are looking to sell the fuzzing technology. They have been accepted to present their work at a peer-review conference later this fall.

Errata Security’s Robert Graham called the news false, adding that while the researchers did discover the backdoor on the FPGA chip, there is no evidence that the Chinese put it there or that it is malicious.

Microsemi, the company who produced the FPGA chip in question, has now responded to the report, and issued the following statement.

“According to these researchers, in order for the extraction of the security key to occur, the pins of the FPGA device involved needed to be physically connected to the researchers’ custom-designed attack hardware. Microsemi has not been able to confirm or deny the researchers’ claims since they have not contacted Microsemi with the necessary technical details of the set-up nor given Microsemi access to their custom-designed equipment for independent verification.”

Additionally, the statement goes on to note, “there is no designed feature that would enable the circumvention of the user security.”

Addressing the backdoor itself, the statement says that it “can only be entered in a customer-programmed device when the customer supplies their passcode, thus preventing unauthorized access by Microsemi or anyone else.”

Advertisement. Scroll to continue reading.

Microsemi says that shipped devices are checked to ensure that the backdoor is disabled, begging the question as to what type of device the researchers themselves were working with. The Register highlighted the same question in their coverage of the Microsemi statement.

“Here in El Reg’s antipodean eyrie, we’re therefore keen to know if Skorobogatov and Woods worked with a brand new FPGA, because if we take Microsemi’s word for it there’s no reason a virgin ProASIC3 would have a passkey lurking within. But we can imagine a used ProASIC3’s passkey being extracted using the researchers’ cunning methods. How did the key get there?”

The full response from Microsemi with respect to the reported backdoor on its ProASIC 3 can be found here.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

The US arm of networking giant TP-Link has appointed Adam Robertson as Director of Information and Security.

Cyber exposure management firm Armis has promoted Alex Mosher to President.

Software giant Atlassian has named David Cross as its new CISO.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.