Just How Bad are Backdoors?

Posted on Feb 18, 2021

Some brief thoughts on backdoors and security.

What are Backdoors?

From MalwareBytes.com

“A backdoor refers to any method by which authorized and unauthorized users are able to get around normal security measures and gain high level user access (aka root access) on a computer system, network, or software application.”

Backdoors are often installed by software or hardware makers as a deliberate means of gaining access to their technology after the fact. While backdoors are useful for helping customers who are hopelessly locked out of their devices, they present a wide open door to bad actors and attackers.

Intel’s Secure Enclave SGX require encryption keys only Intel has. This makes the encryption keys inherently a backdoor malicious code can use to find its way into the Secure Enclave. In fact, SGAxe is an example of such and attack. In that example, it wasn’t hard to reverse engineer Intel’s keys.

Single Vendor Key Security Models

Security models where one vendor has all the keys are fundamentally backdoors, and are fundamentally broken. A better security model would involve distributing keys amongst different models. No one person has all the U.S. nuclear launch codes for example.

Private Key Security Models

An even better model would involve simply not baking keys into hardware at all, but instead allowing the consumer to dynamically load his or her own encryption keys into the hardware as needed. This is known as a private key security model.

This is the gold-standard security model Chip11 holds itself to. Incidentally, SSL(and friends such as TLS) power the internet and also use private keys in their security models. Private key security models are nothing new, and public-private key encryption models have been studied since the 70s, some of which have been proven mathematically to be quite sound.