Marvell disputes claim that Cavium backdoored chips for Uncle Sam

Cavium, a maker of semiconductors acquired in 2018 by Marvell, was identified in the documents leaked in 2013 by Edward Snowden as a vendor that cooperated with US intelligence agencies to backdoor its chips, it is alleged.

That claim, which Marvell denies, surfaced in the PhD thesis of Jacob Appelbaum, "Communication in a world of pervasive surveillance: Sources and methods: Counter-strategies against pervasive surveillance architecture." Appelbaum's thesis was published in March 2022 and received little public attention until mentioned in security blog Electrospaces.net last week.

Appelbaum in 2012 worked with documentarian Laura Poitras on the Snowden leak. He left the Tor Project in 2016 amid allegations he strenuously denied and subsequently enrolled in Eindhoven University of Technology in the Netherlands, where he is a postdoctoral researcher in computer science and cryptography.

In the thesis, on page 71, footnote 21 says, "While working on documents in the Snowden archive the thesis author learned that an American fabless semiconductor CPU vendor named Cavium is listed as a successful SIGINT 'enabled' CPU vendor. By chance this was the same CPU present in the thesis author’s internet router (UniFi USG3). The entire Snowden archive should be open for academic researchers to better understand more of the history of such behavior."

The implication, made explicit by the thesis index that references the footnote as "Cavium CPU backdoor," is that Cavium secretly compromised some of its chips to accommodate US intelligence efforts, providing a way for snoops to somehow access devices powered by those semiconductors.

Appelbaum, reached late in the evening, was not immediately able to respond.

Marvell, which bought Cavium five years ago, disputes Appelbaum's claim.

"Marvell places the highest priority on the security of its products," a spokesperson told The Register. "Marvell does not, and Cavium did not, implement 'backdoors' for any government.

"Marvell supports a wide variety of protocols and standards including IPsec, SSL, TLS 1.x, DTLS and ECC Suite B. Marvell also supports a wide variety of standard algorithms including several variants of AES, 3DES, SHA-2, SHA-3, RSA 2048, RSA 4096, RSA 8192, ECC p256/p384/p521, Kasumi, ZUC and SNOW 3G. All Marvell implementations are based on published security algorithm standards.

"Marvell’s market leading NITROX family delivers unprecedented performance for security in the enterprise and virtualized cloud data centers. The NITROX product line is the industry leading security processor family designed into cloud data center servers and networking equipment, enterprise and service provider equipment including servers, Application Delivery Controllers, UTM Gateways, WAN Optimization Appliances, routers, and switches."

Appelbaum's claim reminds us of allegations that surfaced in 2018 about Supermicro server motherboards containing spy chips, a claim that Supermicro denied and that didn't stand up to scrutiny. There's also Juniper's use of the NSA's Dual Elliptic Curve Deterministic Random Bit Generator algorithm in its NetScreen devices back in 2008 – an algorithm described by computer scientists as "a standardized back door."

The Register spoke with a former executive at a major US-based chipmaker who said he frequently had to answer questions from the government about chip security. The attitude a decade ago, he said, was "we want you to make things easy and accessible for us."

Government officials would come to talk about making hardware more secure, but would bring someone along from signals intelligence, from the NSA. These were generally conversations and not demands.

"We'd say he's not welcome," the executive said. "We'd tell them to fuck off all the time."

The reason for that was this firm did a lot of business in China and understood the financial risk of being caught compromising its hardware.

"But I think a lot of companies buckled," our source said.

He also said questions were raised about how the company could ensure that components made in China or Taiwan hadn't been compromised. He said the biz could barely make its chips work reliably in the first place, so if alterations were being made in the foundry it would be noticed.

But compromising hardware with added components, he said, is generally more effort and riskier than just identifying flaws in existing off-the-shelf hardware. The easier way to do it, he suggested, is to destroy the root key with laser fault injection and then, having broken the cryptography, to hunt around for defects that allow remotely loadable exploits.

Source: The Register