The Polytechnic Institute of NYU is hosting an interesting embedded systems contest. They’ve constructed a solid state cryptographic device that uses a 128-bit private key. Contestants will be tasked with designing and implementing several trojans into the system that will undermine the security. The system is built on a Digilent BASYS Spartan-3 FPGA board. The trojans could do a wide variety of things: transmitting unencrypted, storing and transmitting previously entered plain text, or just shutting down the system entirely. The modified devices still need to pass the factory testing procedure though, which will measure power consumption, code size, and function. After a qualification round, participants will be given the necessary hardware to compete.
[via NYC Resistor (Happy Birthday!)]
This does seem interisting, and should be a lot of fun for your FPGA guys (personally I am not very fond of them after having to do some work with with at work….). Seems like the fact that they don’t md5 the binaries before burning them makes this too easy… The hardest part would be finding a way to cut the fat on a bit of existing code, then just add a little state machine that looks for magic sequences on the input and acts accordingly, possibly adding a few random gates to make the binary the exact size as the original.
Isn’t this a follow up from defcon’s hardware trojans presenters ?
Scary stuff. The only trusted source of encryption hardware appliances will be those constructed by yourself, assuming you don’t use encryption chips. Big Brother thrives.
Not directly related to the hardware challenge.
This FPGA board sound nice, really affordable. The only stupid thing is that shipping and tax will double the price :(
Ok, I was fine until I saw their logo, that image shall haunt me. Once I viewed this as text only, it looks like fun.
@Marco We’re not related to the people you’re talking about, although their presentation was certainly inspiring.
There are 6 other contests in CSAW besides just the Underhanded Hardware Contest. Go register now!
European, you can buy these boards from a few places in Europe, try lextronic, or digilent romania, the shipping may be cheaper.