Software has signed hash esmography and other methods to verify its integrity, but how can you verify the hardware to ensure that they are trustworthy and unaltered? Andrew ‘bunnie’ Huang, a well-known hardware hacker, discussed the issue at a meeting of the Chaos Computer Club (36C3) over the weekend (YouTube).
A few years ago, Huang Xinguo and friends built an open source laptop Novena, and in the process they realized that building a fully trusted open source hardware was very difficult, and even if you could build your own CPU and SSD, you couldn’t be sure they were trustworthy. Because you can’t make sure that your hardware isn’t tampered with at every point in the supply chain. Delivery drivers, customs officials, and warehouse workers may have access to hardware and have the opportunity to tamper with hardware, even before the product is delivered to the customer.
He concludes that there is no difference in the credibility of open hardware and closed-source hardware. The software has near-perfect trust transfer mechanisms, such as verifying hash values, but the hardware cannot use these methods.
He describes three principles for building trusted hardware: complexity is the enemy of validation; He and his friends launched the Betrusted Project to practice these three principles.