European Symposium on Research in Computer Security

ESORICS 2008: Computer Security - ESORICS 2008 pp 580-599

CPU Bugs, CPU Backdoors and Consequences on Security

  • Loïc Duflot
Conference paper

DOI: 10.1007/978-3-540-88313-5_37

Volume 5283 of the book series Lecture Notes in Computer Science (LNCS)
Cite this paper as:
Duflot L. (2008) CPU Bugs, CPU Backdoors and Consequences on Security. In: Jajodia S., Lopez J. (eds) Computer Security - ESORICS 2008. ESORICS 2008. Lecture Notes in Computer Science, vol 5283. Springer, Berlin, Heidelberg

Abstract

In this paper, we present the consequences on the security of operating systems and virtual machine monitors of the presence of a bug or a backdoor in x86 processors. We will not try to determine whether the backdoor threat is realistic or not, but we will assume that a bug or a backdoor exists and analyse the consequences on systems. We will show how it is possible for an attacker to implement a simple and generic CPU backdoor to be later able to bypass mandatory security mechanisms with very limited initial privileges. We will explain practical difficulties and show proof of concept schemes using a modified Qemu CPU emulator. Backdoors studied in this paper are all usable from the software level without any physical access to the hardware.

Keywords

hardware bug hardware backdoor x86 CPU 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Loïc Duflot
    • 1
  1. 1.DCSSI 51 bd. de la Tour MaubourgParis Cedex 07France