NHacker Next
  • new
  • past
  • show
  • ask
  • show
  • jobs
  • submit
Baochip-1x: A Mostly-Open, 22nm SoC for High Assurance Applications (bunniestudios.com)
23 points by sohkamyung 7 hours ago | 2 comments
zachbee 6 hours ago [-]
Their AES implementation uses old-school 2-share boolean masking [1], which has been shown to be insecure since 2005 [2][3]. A modern implementation would use domain-oriented masking [4], like OpenTitan does. Pretty bad look for Crossbar.

[1] https://github.com/baochip/baochip-1x/blob/main/rtl/modules/... [2] https://link.springer.com/chapter/10.1007/978-3-540-30574-3_... [3] https://static.aminer.org/pdf/PDF/000/086/973/successfully_a... [4] https://eprint.iacr.org/2016/486

f_devd 2 hours ago [-]
That sucks, but also probably the best vindication for their strategy; any other mcu and you just wouldn't know.
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact
Rendered at 12:06:46 GMT+0000 (Coordinated Universal Time) with Vercel.