Learn to use AI like a Pro. Learn More

Investigating CPU Security

How to prove (with C code) if the NSA has backdoored your CPU

Estimated read time: 1:20

    Learn to use AI like a Pro

    Get the latest AI workflows to boost your productivity and business performance, delivered weekly by expert consultants. Enjoy step-by-step guides, weekly Q&A sessions, and full access to our AI workflow archive.

    Canva Logo
    Claude AI Logo
    Google Gemini Logo
    HeyGen Logo
    Hugging Face Logo
    Microsoft Logo
    OpenAI Logo
    Zapier Logo
    Canva Logo
    Claude AI Logo
    Google Gemini Logo
    HeyGen Logo
    Hugging Face Logo
    Microsoft Logo
    OpenAI Logo
    Zapier Logo

    Summary

    In a captivating and enlightening video, Dr. Jonas Birch guides viewers through a meticulous process to discover potential backdoors in CPUs, supposedly inserted by the NSA. The 15-minute presentation dives into cybersecurity research, promising to verify theories with practical C code. Dr. Birch lays the groundwork for a coding project aimed at detecting these backdoors, explaining technical details in an engaging manner, while providing insights into possible vulnerabilities within CPU architectures. With a promise to both prove and disprove backdoor existence through scientific methods, this episode sets up an intriguing exploration in the realm of cybersecurity.

      Highlights

      • Dr. Birch promises to reveal truth about potential NSA CPU backdoors using C code. ๐Ÿ”
      • Prepares a detailed code setup using standard templates and Makefiles with explanations. ๐Ÿ–ฅ๏ธ
      • Provides insights into bitcoins, sub-keys, and the potential methods used for encryption backdoors. ๐Ÿ’ก
      • Shows utility functions to convert between word and subword formats, essential for later coding steps. ๐Ÿ”„
      • Engages viewers with promises of more educational content if they stay tuned and subscribe. ๐Ÿ“ข

      Key Takeaways

      • The video delves into the potential of NSA backdoors in CPUs, starting with theory and moving to practical code demonstrations. ๐Ÿ”
      • Dr. Birch emphasizes using research-backed methods to explore and verify these cybersecurity suspicions. ๐Ÿง 
      • Detailed explanation of code setup and logical steps is provided to follow along or replicate the investigation. ๐Ÿ–ฅ๏ธ
      • The coding process involves C language to create a template project for detecting backdoors. ๐Ÿ“œ
      • Viewers are encouraged to explore further, with procedural breakdown making it engaging and educational! ๐ŸŽ“

      Overview

      Dr. Jonas Birch sets the scene with an introduction that raises eyebrows, hinting at NSA backdoors in your CPU! He insists this is no conspiracy theory but a research-backed investigation. Who knew cybersecurity could be so provocative and exhilarating?

        With a confident stride, Dr. Birch explains the step-by-step process to possibly proveโ€”or debunkโ€”these theories using good ol' C programming. He dives into the specifics, like how standard templates and macros help push the investigation further. Even if you're not a coding whiz, you'll appreciate the clarity and enthusiasm he brings!

          Wrapping up, Dr. Birch teases the next part of his journey, inviting viewers to join him as he digs further into encryption and sub-key magic. With promises of more coding adventures and discoveries, this episode ends, leaving us eager for the next. Don't you just love the thrill of a good cybersecurity mystery?

            Chapters

            • 00:00 - 00:30: Introduction and Background In the chapter titled 'Introduction and Background', the narrator greets the audience and emphasizes that the information provided is neither clickbait nor a conspiracy theory. The chapter sets the stage for the subsequent discussion by promising to deliver facts and credible content.
            • 00:30 - 01:30: Setting Up the Template Project The chapter titled 'Setting Up the Template Project' underscores the significance of the steps involved in establishing the foundations of a cybersecurity initiative. The narrator emphasizes the critical nature of the forthcoming information, highlighting that it is rigorously supported by world-renowned cybersecurity researchers, inclusive of doctors and professors from esteemed universities globally. The chapter promises to furnish the audience with a list of sources to substantiate the claims and methodologies discussed, ensuring credibility and reliability in the setup process.
            • 01:30 - 03:00: Configuring the Build System The chapter titled 'Configuring the Build System' focuses on the process of researching, analyzing, and coming to a conclusion about a particular system or problem related to build systems. The discussion builds towards a practical demonstration or experiment where the theories or ideas presented are either confirmed or refuted through coding.
            • 03:00 - 05:00: Understanding Key Definitions and Types In this chapter, the focus is on understanding key definitions and types. The chapter begins with an emphasis on using scientific methods to ascertain the truth of specific claims or hypotheses. It sets the stage for exploring fundamental concepts and encourages a clear understanding of terminologies used in scientific discourse.
            • 05:00 - 06:00: Explaining the Encryption Backdoor Theory The chapter titled 'Explaining the Encryption Backdoor Theory' introduces the concept of encryption backdoors. It provides an overview of what encryption is, why it's important for privacy and security, and how backdoors can potentially undermine these aspects. The chapter likely explores different viewpoints on the necessity and risks of implementing backdoors, citing examples and possibly discussing real-world implications. Concluding thoughts might focus on the balance between national security and individual privacy rights.
            • 06:00 - 12:00: Key Schedule Algorithm This chapter focuses on the Key Schedule Algorithm. It begins with a setup for coding the algorithm, emphasizing the foundational elements that form the basis of the Key Schedule within cryptographic systems. The chapter progresses into the specifics of implementing the algorithm in code and demonstrates the steps for arranging or generating key material for cryptographic operations. It is crucial for maintaining data integrity and secure communication.
            • 12:00 - 19:30: Creating Utility Functions The chapter titled 'Creating Utility Functions' begins with a quick start, indicating a fast-paced introduction to developing utility functions. The transcript simply contains 'Right away.', suggesting an immediate dive into content without preamble. The chapter likely focuses on practical steps in writing code for utility functions, which are key tools for simplifying and managing code efficiently. As the content progresses, expect discussions on best practices, examples, and possibly challenges in refining helpful functions in programming, emphasizing hands-on implementation and learning through doing.
            • 19:30 - 21:00: Conclusion and Next Steps In this chapter, the author discusses the successful creation of a template project and outlines potential future steps to build upon this foundation. The focus is on moving forward with developments or projects, hinting at the possibilities and directions that can be taken next.

            How to prove (with C code) if the NSA has backdoored your CPU Transcription

            • 00:00 - 00:30 Sup, guys Welcome to today's show. First off, this is not clickbait. This is not a conspiracy theory. Everything I'm about to tell you in the following 15 minutes
            • 00:30 - 01:00 and this might be the most important 15 minutes of your life. Everything I'm about to tell you is 100% backed by research by the top researchers in the field of cybersecurity in the world. It is doctors and professors at the finest universities all around the world. And I will provide you with a list of sources
            • 01:00 - 01:30 at the end of this sequence. And then based on this research, I will draw my own conclusion and ask some rhetorical questions. But the important thing is, at the end of this story that I'm about to tell you, we are going to prove it or disprove it in code.
            • 01:30 - 02:00 So we will know for sure using scientific methods if this is true or not. Let's commence. Sup guys.
            • 02:00 - 02:30 We have a lot of ground to cover.
            • 02:30 - 03:00 So let's get started with the code.
            • 03:00 - 03:30 Right away.
            • 03:30 - 04:00 I have created a template project
            • 04:00 - 04:30 based on my first B.S.
            • 04:30 - 05:00 template build system.
            • 05:00 - 05:30 It's in the repo.
            • 05:30 - 06:00 I'm just going to change a few things.
            • 06:00 - 06:30 It's a pretty empty safe.
            • 06:30 - 07:00 Has created three files, so I don't see file, which is pretty empty.
            • 07:00 - 07:30 And then we have
            • 07:30 - 08:00 some includes in the H file.
            • 08:00 - 08:30 We have some type definitions of different integers
            • 08:30 - 09:00 and we have a couple of macros converting
            • 09:00 - 09:30 between the types
            • 09:30 - 10:00 and it's a pretty standard
            • 10:00 - 10:30 Makefile as well.
            • 10:30 - 11:00 Just compiles this dutchie for
            • 11:00 - 11:30 one thing though,
            • 11:30 - 12:00 the c standard is set to c2x by default.
            • 12:00 - 12:30 If you are running the latest GC version, which I am
            • 12:30 - 13:00 if 14 something,
            • 13:00 - 13:30 you should change this to c 23.
            • 13:30 - 14:00 But otherwise you can use the default C to X
            • 14:00 - 14:30 or you can remove this word.
            • 14:30 - 15:00 And I'm also going to change those macros.
            • 15:00 - 15:30 So I want this to be one by two, by four by eight.
            • 15:30 - 16:00 But so that's how, how we reference those.
            • 16:00 - 16:30 I also want to create
            • 16:30 - 17:00 a type definition for a big
            • 17:00 - 17:30 int and
            • 17:30 - 18:00 128 bit integer
            • 18:00 - 18:30 because we're going to need it when we create our key.
            • 18:30 - 19:00 Scared to death.
            • 19:00 - 19:30 By the way, I hadn't named this case keys.
            • 19:30 - 20:00 And I'm going to describe what that means in a little while.
            • 20:00 - 20:30 So we're going to use an find
            • 20:30 - 21:00 in 128
            • 21:00 - 21:30 and that's going to be our in work IDs like so. And let's also create in the use for that. So W 16 well it will be in 28 and I'm also going to create a couple
            • 21:30 - 22:00 of other other types. First of all, we need to have a All right. So we're going to define a in the 32, which we're going to call a word. So a word usually depicts a in 16, but in the sense of the as encryption
            • 22:00 - 22:30 they call and in 32 a word. So that's what we're going to use. We are also going to need a 128, which will be a key because the keys are 128 in the in what we are focusing on, there are different variants of the
            • 22:30 - 23:00 S stuff, but let us start there. And in there. By the way, there are two they things that they two routes they could have taken when it comes to backdooring and the CPU is instructions either the third key schedule, which basically is used to create something called sub keys
            • 23:00 - 23:30 and it's the sub keys that actually Lee encrypts the data and, but we use the regular key to create those and that will typically do today. And the other way is the actual encryption encryption. And this is the most probable thing I would say because it's
            • 23:30 - 24:00 simpler and more effective, but it could be either one. So we will first test the key schedule and then will test the encryption steps. And you take what this program is going to do. It's going to do what HS does. It takes 1.8 bits key
            • 24:00 - 24:30 and it produces 11 sub keys of the same lib. So 128 And then these are divided in a total of 44, so regular in 32. And that's those words here. So we need to have an array
            • 24:30 - 25:00 for that. So let's take that as well. Let's say we have well it's going to be an array of words, so let's call this we're already in and we need 44 plus.
            • 25:00 - 25:30 And so let's see, is it anything else Know who will. Let's see. Let's define the functions we're going to need. And first I'm going to go
            • 25:30 - 26:00 and grab the algorithm for the case schedule. I don't know this one by heart. So this is what we are going to follow. And it looks pretty intimidating, but it's it's not so advanced after all. So
            • 26:00 - 26:30 in this 44 array, we go word for word, and every fourth word uses this formula. And the other three in a row uses this. So first you do this, then you do this three times,
            • 26:30 - 27:00 and then you do this all the way through the whole array. So basically what we're going to do is we're going to figure out the index of the actual word that we're going to change and we're going to change it by the by an earlier word. So let's say this is the fourth
            • 27:00 - 27:30 word, then maybe we take the data from the first and do something, and then maybe in the fifth, we take from the stack and then so, so on and so forth. So here we just grab the right value. Here we also grab the right value and not piece of this word right,
            • 27:30 - 28:00 and we run it through the G function. And the G function is pretty advanced. So we'll take the last, but I will create a dummy function for that. So it's going to return a word and it's going to take a word as an input. And also what we are.
            • 28:00 - 28:30 So there are 11 subjects. So we do 11 rounds of this. And for now I will only read the inputs W but later on we will fill this out with real calculations. But that's the last step here.
            • 28:30 - 29:00 We'll just iterate through these and copy some stuff around. And one note, the for first of these words is the input key. So the first thing we'll do is take the key key. If we'll zero out all of these 44 we will take the input key and put it in in the set of
            • 29:00 - 29:30 index 012 and three. And then we start doing this from the fourth and onwards. So that's how it's going to work. So let's define this g function. It goes from word to word and we have a as the round.
            • 29:30 - 30:00 We are also going to need to helper functions because we need to convert between words which are 32 bits in an integer and the individual bytes there's four bytes in it and so we need to grab those four both in an easy enough kind of way. And so let's, let's see,
            • 30:00 - 30:30 we can call those sub words can even define type for them. So typed in it's going to be a and they are sub words, Sub words let's see. And there's,
            • 30:30 - 31:00 there are four four of them. And can we do it like this. We can return a an array like the I think it will be easier if we just do this and then we use it. It's a pointer. So we're going to have one function which takes a word
            • 31:00 - 31:30 and it produces sub words. The word to sub. So in it's going to return and it's going to take a word. So an integer, and then we're going to have a function for the other way around. So the return value will be a word
            • 31:30 - 32:00 we're going to call this sub word to word, and we're going to take sub word, stop the the vice versa. And okay, what else do we need? Well, we need to have a main function. Let's just define it like this for now.
            • 32:00 - 32:30 And finally, we need to have the actual function that calculates these sub keys. So let's call the generate keys and it's going to return. Yeah, actually it's actually going to return a word array like this.
            • 32:30 - 33:00 But since we cannot return an array, what we're going to do instead is just use a word pointer and then allocate as much as we need. So the words store and return value and the input is
            • 33:00 - 33:30 is just a key and it's its key like this, right? So let's see word and this is a word we know it's right.
            • 33:30 - 34:00 Okay. So if and then so we need and let's start with those small utility functions that just basically takes an integer and splits it up into four buttons and vice versa. So let's see. And if you wonder why I haven't commented this out, I will come and then out.
            • 34:00 - 34:30 Of course, when we are going to compile. But it's harder to read without the colors. So I want to keep them like this as long as I can. Okay, so let's go. We will start with the word to sub word.
            • 34:30 - 35:00 So this will return a sub word or is going to take a word W And we can do this in just a few lines. But I think it's easier to do to use some intermediate variables. It's easier not to make mistakes.
            • 35:00 - 35:30 So let's create a sunny day, A, B, C, D, which will be our output variables. And we also need the sub word point and in hexadecimal the integer of 32 bit it looks something like this.
            • 35:30 - 36:00 So the DCC, the B, so we want to grab those A's. That's the lowest part of the number and put inside of the A and then B to B, C to C and so on and so forth. Right. Let's see. How did we find some word, by the way, in it.
            • 36:00 - 36:30 Yeah, that's right. And how do we grab something. Well we use some binary bitwise operations and if you want to know more about how they work and you should watch my episode binary Operations, I go through it very in-depth,
            • 36:30 - 37:00 so I will not explain every step of this because I have done so in a couple of videos now and I want to focus this video and the things that matters for this program. Okay, So let's see. Let's start by grabbing those A's. And we do that by selecting them
            • 37:00 - 37:30 using a so called mask. So we want to create the mask that has zeros where we are not interested in the data and we have FS where we are. So as you can see, we have the same number of numbers here and those six are zeros, which we are not interested in the D's or the seeds or the beads.
            • 37:30 - 38:00 We are only interested in the A's. And since these zeros are at the beginning of the number, we can reduce them to just this, which means the E would be equal to the word that we take as an input and we do an operation
            • 38:00 - 38:30 against that mask. And now we have a simple enough, but it's a little bit trickier when we do the B's though, because if we fill in those zeros again, this time we want those two.
            • 38:30 - 39:00 So we remove those zeros. It will put zeros right here. So for everything is okay. But when we do this end operation, the results is going to be we have the zeros here and we have the C,
            • 39:00 - 39:30 and then we get our B's, and then we get two zeros at the end and zeros on the right side murders. So this will be reduced to this. So we need to take those two zeros and push the B's to the right. So it'll be like this.
            • 39:30 - 40:00 We take the W word and we run it against. This. So now we have this. And now we need to push them a bit to the right because two digits, two hexadecimal digits is eight bits. And so if you push those to the right, we will end up with
            • 40:00 - 40:30 just two bits and we can do the same nickname with the other one. So we just keep in adding serials here. And this week these 16 bits that push in in order to get the D we do the same that we have the,
            • 40:30 - 41:00 the serial 00000. We push this limit forward. So if I had calculated calculated this correctly now we should have our values inside of here. So now we simply need to return them in some way and let's make an allocation.
            • 41:00 - 41:30 So let's start by defining the size and size. It's going to be equal to the well. We can see just the size of this word for.
            • 41:30 - 42:00 So we're p will be equal to this word. This did not look of sense and we need to cast this to an integer because the size is 60 and we can insert that. We have ap0.
            • 42:00 - 42:30 We and then we should put the this stuff. So let's see how it is to the let's create another point
            • 42:30 - 43:00 called red. So red two will be equal to this. So with zero and then we would be the words react
            • 43:00 - 43:30 and the first position should hold the a set is equal to A, but we will also increase P afterwards because then we can just like this.
            • 43:30 - 44:00 We don't need to increase after you put the last one there and now we can simply turn and we have our utility to function. We also need one to go, the other direction. And that's actually a bit simpler since we don't need to allocate and stuff,
            • 44:00 - 44:30 we can just return the A word. And so let's see, this is sub word to word. It's going to return word. It is going to take this word. Yes. W We are going to assert
            • 44:30 - 45:00 that we have a sub word and if you don't do it, a third is it's basically check this condition. And if it's true, nothing happens. If it's false, it exits the program with an error message. But it's quite simple to use in application like this in order to handle the error
            • 45:00 - 45:30 cases. Okay, so let's see what is the easiest way to achieve this? Let's see.
            • 45:30 - 46:00 Maybe we can have a word pulling symbols and yeah, if we if we just pull this two words, the sub word,
            • 46:00 - 46:30 we need to cast this thing or I think the memory is in the right order for it to just work like this. Well, I guess we'll see you be so in this case. In that case, we could use the
            • 46:30 - 47:00 star P like this. So guess if they are in the right order, which they are and probably know, by the way, how did we put them there? First we put a so, so A is it in the zero then we need let's see
            • 47:00 - 47:30 do the let's let's try to see what happens. So let's say we have a word W and we have sub the first W, but let's see we take an let's say
            • 47:30 - 48:00 we had a word that we set to a, B, C, D, and then we set a word equal to word to some word that we give it the word.
            • 48:00 - 48:30 And then the same for the errors. Now I'm just going to print something from it. So let's say we print the decimal values of two of them. We would see h h it is for printing one by
            • 48:30 - 49:00 then we do the same again some two x and O two is the number of digits we want to go to print we want to print. Let's see the first word and then the
            • 49:00 - 49:30 third is maybe we don't. Then let's be good. And over in the case like so let's see this compiles
            • 49:30 - 50:00 all four that come out. Those things we heard in here of the word is not print and this is the age for 26
            • 50:00 - 50:30 and this is here 2636. Those numbers they write this this word,
            • 50:30 - 51:00 nothing else in it mean three. It's also true. We don't need any and compound will work.
            • 51:00 - 51:30 So let's see. Yes. The first answer let's see, are they in the order we want to This is the first in the array
            • 51:30 - 52:00 so I guess we can work with that. We just need to match it on the other end. So let's see if we try to go back then if we have word to free this thing, we say we're two equal to so word to word
            • 52:00 - 52:30 and we give the sub word. This thing, this should be a regular. It's with a digits. This is two.
            • 52:30 - 53:00 Yes. We get no no here would begin with a and we had the other way around right. No we begin with a okay so then everything works. We have successfully created first functions
            • 53:00 - 53:30 all that is left. Well, that's quite a lot, but the next thing we would want to do is to create this generate keys kind of thing. And then after that we will create the G. But I think this is enough for one episode. I really hope you liked episode a very special one.
            • 53:30 - 54:00 Please like and subscribe and then we will see each other very soon. Thanks for watching. Thanks.