top | item 24961964

(no title)

strmpnk | 5 years ago

This is true, but the difficulty of making a general purpose FPGA fabric manipulate generic bitstream descriptions in an undetectable way is much harder than putting hidden backdoors in well defined ISAs. What amount of hardware validation is reasonable?

It depends on what you'd like to accomplish, but given that powerful FPGAs are now more affordable and plenty of great FPGA friendly libraries are emerging which work with open source tools, the barrier for Soft-CPU implementations has lowered significantly. This sort of project looks great for cases where trusting blackbox chips was questionable.

discuss

unknown|5 years ago

[deleted]

codethief|5 years ago

> This is true, but the difficulty of making a general purpose FPGA fabric manipulate generic bitstream descriptions in an undetectable way is much harder than putting hidden backdoors in well defined ISAs.

Could you (or anyone else) elaborate on this? If possible, ELI5 please because I know very little about hardware. :)

saagarjha|5 years ago

I think a somewhat useful analogy would be the difference in difficulty of making a backdoored compiler versus a backdoored binary. The former has to deal with a lot more things than the latter if you'd like to effectively subvert it.