Sign In

Communications of the ACM

ACM TechNews

Nsa's Own Hardware Backdoors May Still Be a 'problem From Hell'

View as: Print Mobile App Share:
A threat to security coming in an unlocked backdoor.

The U.S. National Security Agency, and its adversaries, have inserted secret backdoors into computer hardware for surveillance purposes.

Credit: Shutterstock

Computer hardware into which secret backdoors have been inserted by the U.S.'s adversaries is a tremendous security problem, and recent news reports based on leaked documents indicate that the U.S. National Security Agency (NSA) has itself employed this strategy, colluding with U.S. companies to incorporate backdoors into hardware for the purpose of surveillance.

Detecting compromised hardware is virtually impossible, and hardware can access data and perform other functions in ways that are hidden from software.

An October report by The New York Times says the NSA put backdoors into certain encryption chips that governments and businesses use to secure their data, and it collaborated with an unidentified U.S. manufacturer to add backdoors to hardware about to be sent to an overseas target.

Columbia University professor Simha Sethumadhavan says the buyer of a computer chip cannot check to see whether it is compromised, given the many steps and companies involved. "Each and every step in the process can be compromised," he warns. Sethumadhavan says the simplest chip backdooring strategy is to slip extra circuits into third-party IP blocks often purchased by chipmakers, a method aided by a lack of screening tools.

NSA critics say the untraceability of hardware vulnerabilities, and the potential for embedding backdoors within numerous systems, also raises the risk of intelligence agencies exceeding legal surveillance limitations.

From Technology Review
View Full Article


Abstracts Copyright © 2013 Information Inc., Bethesda, Maryland, USA


No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account