InfoQ – Can We Build Trustable Hardware?
06Jan20
Andrew “bunnie” Huang recently presented at the 36th Chaos Communication Congress (36C3) on ‘Open Source is Insufficient to Solve Trust Problems in Hardware‘ with an accompanying blog post ‘Can We Build Trustable Hardware?‘. His central point is that Time-of-Check to Time-of-Use (TOCTOU) is very different for hardware versus software, and so open source is less helpful in mitigating the array of potential attacks in the threat model. Huang closes by presenting Betrusted, a secure hardware platform for private key storage that he’s been working on, and examining the user verification mechanisms that have been used in its design.
Filed under: InfoQ news, security | Leave a Comment
Tags: FPGA, hardware, open source, trust
No Responses Yet to “InfoQ – Can We Build Trustable Hardware?”