Raja Bose wrote:
Pranav, The first quote is pretty vague on what has been stolen worth hundreds of millions of dollars and how. The examples she cites have more to do with network and associated software weaknesses rather than hardware. And considering this article is written by John Markoff (remember the whole Mitnick/Tsutomu drama?), I don't rate it too highly in terms of background research.
The main point is that hardware Trojans have been used, and are a factor that must be taken into account.
But as military planners have come to view cyberspace as an impending battlefield, American intelligence agency experts said, all sides are arming themselves with the ability to create hardware Trojan horses and to hide them deep inside the circuitry of computer hardware and electronic devices to facilitate military attacks.
Raja Bose wrote:
The 2nd quote is about a kill-switch. There is nothing rogue about kill-switches or backdoors because they are put there on purpose by the manufacturer and in case of defence equipment, if you are just a client who is paying to acquire a finished product, you don't get access to underlying technology except what is required for maintenance due to IPR and other sensitivity issues. OTOH if you are the country who is getting those weapons designed and manufactured even though you are using COTS components, you will have full access to every aspect of their design and manufacture - this is always a requirement.
More about kill-switches from http://spectrum.ieee.org/semiconductors ... l-switch/0
Almost all FPGAs are now made at foundries outside the United States, about 80 percent of them in Taiwan. Defense contractors have no good way of guaranteeing that these economical chips haven't been tampered with. Building a kill switch into an FPGA could mean embedding as few as 1000 transistors within its many hundreds of millions. "You could do a lot of very interesting things with those extra transistors," Collins says.
The rogue additions would be nearly impossible to spot. Say those 1000 transistors are programmed to respond to a specific 512-bit sequence of numbers. To discover the code using software testing, you might have to cycle through every possible numerical combination of 512-bit sequences. That's 13.4 × 10^153 combinations. (For perspective, the universe has existed for about 4 × 10^17 seconds.) And that's just for the 512-bit number--the actual number of bits in the code would almost certainly be unknown. So you'd have to apply the same calculations to all possible 1024-bit numbers, and maybe even 2048-bit numbers, says Tim Holman, a research associate professor of electrical engineering at Vanderbilt University, in Nashville. "There just isn't enough time in the universe."
Those extra transistors could create a kill switch or a backdoor in any chip, not just an FPGA. Holman sketches a possible scenario: suppose those added transistors find their way into a networking chip used in the routers connecting the computers in your home, your workplace, banks, and military bases with the Internet. The chip functions perfectly until it receives that 512-bit sequence, which could be transmitted from anywhere in the world. The sequence prompts the router to hang up. Thinking it was the usual kind of bug, tech support would reset the router, but on restart the chip would again immediately hang up, preventing the router from connecting to the outside world. Meanwhile, the same thing would be happening to similarly configured routers the world over.
The router scenario also illustrates that the nation's security and economic well-being depend on shoring up not just military chips but also commercial chips. An adversary who succeeded in embedding a kill switch in every commercial router could devastate national security without ever targeting the Defense Department directly.
A kill switch or backdoor built into an encryption chip could have even more disastrous consequences. Today encoding and decoding classified messages is done completely by integrated circuit--no more Enigma machine with its levers and wheels. Most advanced encryption schemes rely on the difficulty that computers have in factoring numbers containing hundreds of digits; discovering a 512-bit type of encryption would take some machines up to 149 million years. Encryption that uses the same code or key to encrypt and decrypt information--as is often true--could easily be compromised by a kill switch or a backdoor. No matter what precautions are taken at the programming level to safeguard that key, one extra block of transistors could undo any amount of cryptography, says John East, CEO of Actel Corp., in Mountain View, Calif., which supplies military FPGAs.
"Let's say I can make changes to an insecure FPGA's hardware," says East. "I could easily put a little timer into the circuit. The timer could be programmed with a single command: 'Three weeks after you get your configuration, forget it.' If the FPGA were to forget its configuration information, the entire security mechanism would be disabled."
Alternately, a kill switch might be programmed to simply shut down encryption chips in military radios; instead of scrambling the signals they transmit, the radios would send their messages in the clear, for anybody to pick up. "Just like we figured out how the Enigma machine worked in World War II," says Stanford's Adler, "one of our adversaries could in principle figure out how our electronic Enigma machines work and use that information to decode our classified communications."
Raja Bose wrote:
In case of the EVM, if India for example, were using Diebold machines then the whole concept of not having complete access would come about since India would be acquiring an existing product for a price. However, in this case the EVMs are custom designed and manufactured for India hence, there is no question of GoI being denied access to any part of manufacturing or design. Moreover, none of its components are custom designed or have any significant IPR issues, having been used for the last 2 decades.
You are making several assumptions - (1) that a party that pays for full access is actually given full access (2) people controlling the GoI do not want to rig elections. Remember we are a nation whose Chief Vigilance Commissioner Thomas is a suspected criminal, presently out of jail on bail.