Does that means...

By: Igor ((Not Given)), July 23, 2004 10:42 pm
Room: Moderated Discussions
Anonymous (nospam@nospam.com) on 7/23/04 wrote:
---------------------------
>Jan (jvorbrueggen@mediasec.de) on 7/23/04 wrote:
>---------------------------
>>>Now, how long before someone hacks the Intel encoding of their processor patches ?
>>
>>If they did it properly using asymmetric cryptography, you won't.
>>
>
>It's most likely a one time pad combined with a special CRC algorithm. Public key
>encryption was far too complex to implement in microcode or hardware back when Intel
>designed the update format for the Pentium II around 1996. That same basic format
>is used today (although the specific encryption algorithm might have changed.)
>
>An extremely well equipped engineer could probably analyze the P4 die itself to
>extract the key mask and maybe the signature algorithm; it's fairly well established
>where in the circuitry this takes place. However, it's unlikely someone would waste
>the time and money doing this just out of curiosity. Only major competitors would
>be interested, which basically means AMD - and they clearly have no problem developing
>their own technology without reverse engineering Intel's design.
>

Just one thing, new Prescott chips have variable microcode size (stored in previously reserved fields of the header). I have seen updates 4000 bytes long (before it was 2000 bytes max). They also have added something to the end of the update data called extended signature table which is meant to signalize that the said update supports more multiple processors steppings and/or models.

Regarding the key mask and signature, would it be possible to use any simpler method?

Assuming that the CPU does not load the update directly into the microcode ROM/RAM because it needs to authenticate and decrypt it first, there is a possibility that it performs decryption/authentication in the L1 or L2 cache. Would it be possible to break it using ITP debug thing and read the decrypted update from cache?
< Previous Post in ThreadNext Post in Thread >
TopicPosted ByDate
Opteron Exposed: Reverse Engineering AMD K8 Microcode UpdatesAnonymous2004/07/22 01:39 AM
  Opteron Exposed: Reverse Engineering AMD K8 MicrocDresdenboy2004/07/22 05:13 AM
    Opteron Exposed: Reverse Engineering AMD K8 MicrocAK2004/07/22 08:49 AM
      Opteron Exposed: Reverse Engineering AMD K8 MicrocDresdenboy2004/07/22 10:26 AM
        the former posting has no new text, continue hereDresdenboy2004/07/22 10:32 AM
  An additionDresdenboy2004/07/22 08:04 AM
    An additionAnonymous2004/07/22 02:32 PM
      An additionDresdenboy2004/07/22 02:55 PM
  Opteron Exposed: Reverse Engineering AMD K8 Microctom vier2004/07/22 08:38 AM
    Opteron Exposed: Reverse Engineering AMD K8 MicrocWouter Tinus2004/07/22 08:56 AM
    Opteron Exposed: Reverse Engineering AMD K8 MicrocIgor2004/07/23 10:00 PM
      Opteron Exposed: Reverse Engineering AMD K8 MicrocKronos2004/07/24 02:04 PM
  Opteron Exposed: Reverse Engineering AMD K8 Microcode UpdatesMax2004/07/22 01:01 PM
    Opteron Exposed: Reverse Engineering AMD K8 Microcode UpdatesAnonymous2004/07/22 05:26 PM
  Does that means..._Arthur2004/07/22 10:01 PM
    Does that means...Dresdenboy2004/07/23 03:27 AM
    Does that means...Jan2004/07/23 07:51 AM
      Does that means...Anonymous2004/07/23 03:10 PM
        Does that means...Igor2004/07/23 10:42 PM
          Does that means...Anonymous2004/07/24 09:53 PM
            Does that means...Igor2004/07/25 12:08 AM
            Does that means...Anonymous2004/07/25 12:17 AM
              Does that means...anonymous2004/07/25 04:31 PM
                Does that means...Igor2004/07/26 08:42 PM
  Permanent virusess.chauhan2004/07/27 12:25 AM
    Permanent virusesAnonymous2004/07/27 10:42 AM
  Finding candidates to replace their microcodeDresdenboy2004/08/19 02:06 AM
    Finding candidates to replace their microcodePaul DeMone2004/08/19 06:22 AM
      Finding candidates to replace their microcodeDavid Kanter2004/08/19 06:53 AM
        Finding candidates to replace their microcodefoobar2004/08/19 09:55 AM
          Finding candidates to replace their microcodeDavid Kanter2004/08/19 10:58 AM
          Finding candidates to replace their microcodeAnonymous2004/08/20 01:56 PM
            Finding candidates to replace their microcodehobold2004/08/23 03:14 PM
      Finding candidates to replace their microcodeDresdenboy2004/08/19 10:59 AM
        Finding candidates to replace their microcodeanonymous2004/08/19 03:35 PM
        Finding candidates to replace their microcodeAnonymous2004/08/20 02:23 PM
          Finding candidates to replace their microcodeGroo2004/08/20 09:25 PM
          Finding candidates to replace their microcodeDresdenboy2004/08/21 05:01 AM
            Finding candidates to replace their microcodeAnonymous2004/08/21 04:45 PM
              Finding candidates to replace their microcodeanonymous2004/08/21 09:45 PM
      Finding candidates to replace their microcodeMatt Craighead2004/08/19 01:18 PM
      Finding candidates to replace their microcodeRick C. Hodgin2004/08/21 04:58 AM
        Finding candidates to replace their microcodeanonymous2004/08/21 09:41 PM
          Finding candidates to replace their microcodeRick C. Hodgin2004/08/22 08:31 AM
            Finding candidates to replace their microcodeanonymous2004/08/23 08:56 AM
Reply to this Topic
Name:
Email:
Topic:
Body: No Text
How do you spell green?