Military chip security broken

Using the processing power of graphic cards, German scientists breached the security of programmable microcomputers. Embedded computer systems being used in military and aerospace industry based on FPGA (Field Programmable Gate Array) are vulnerable to attacks in which their power consumption is monitored.

It is sufficient to monitor the power consumption fluctuation during the correct key entry and decryption only once. After that numerical operations carried out on graphics processors follow, that after 6 hours in case of the older Virtex 4 microcomputer or 9 hours in case of the newer Virtex 5, reveal the password for decrypting the data. As these chips are mass-produced, a large number of products from the same series have the same password. That opens a way for users with malicious intent to take control of the systems these chips operate by encrypting their commands with the right key so the computer won’t distinguish them from the original instructions. It also opens a way to counterfeit these chips, but even to write Trojans adapted for chips like these. For more information it is possible to find original news at The Register web site.