Can TSMC backdoor every machine on Earth, including airgapped computer clusters for the US govt and all S&P500 companies?
Here’s how the backdoor might work:
Maintain a hardcoded set of assembly instructions involved in RSA, AES and ECC encryption.
After every million assembly instructions, read a hundred assembly instructions. Perform set membership to check if these instructions are likely to be RSA, AES or ECC.
If yes, start monitoring every instruction, simulate its running on a separate portion of RAM which is secretly allocated. Find the private key. Encrypt it with Morris Chang’s pubkey. Hide this encrypted private key in a secretly allocated portion of RAM and in a secretly allocated portion of disk. (Every TSMC chip knows the addresses where it is hidden)
If the user tries to export their encrypted files from the computer to external disk, also hide the encrypted private key in this data.
Hope and pray the files eventually make it to a non-airgapped TSMC-chip machine. Chip can use some heuristics to check if the machine is “low monitoring”. If yes, send the files and private key via internet to Morris Chang’s server.
Can TSMC backdoor every machine on Earth, including airgapped computer clusters for the US govt and all S&P500 companies?
Here’s how the backdoor might work:
Maintain a hardcoded set of assembly instructions involved in RSA, AES and ECC encryption.
After every million assembly instructions, read a hundred assembly instructions. Perform set membership to check if these instructions are likely to be RSA, AES or ECC.
If yes, start monitoring every instruction, simulate its running on a separate portion of RAM which is secretly allocated. Find the private key. Encrypt it with Morris Chang’s pubkey. Hide this encrypted private key in a secretly allocated portion of RAM and in a secretly allocated portion of disk. (Every TSMC chip knows the addresses where it is hidden)
If the user tries to export their encrypted files from the computer to external disk, also hide the encrypted private key in this data.
Hope and pray the files eventually make it to a non-airgapped TSMC-chip machine. Chip can use some heuristics to check if the machine is “low monitoring”. If yes, send the files and private key via internet to Morris Chang’s server.