nVidia FBI Backdoor – What The Hell?

So apparently this is making its way around the net that Templar is some backdoor in nVidia GPUs that lets the FBI in or some such thing.

I went ahead and downloaded it (as it is potentially malicious or illegal I will not be linking it) and I see nothing “backdoorish” about this. It looks like it’s for RSA Encryption cracking (specifically bruteforcing, as in I see nothing showing it taking advantage of flaws.) A few .txt files reference prime number factoring and sieve. RSA is based on the principle that you it’s really difficult to do this type of math programatically so it just looks like this tries to do it via CUDA and sieve to speed things up.

Update: Skip To The Summary (at the end of the post)

And then I got to Red_Cross_Dress.txt

Templar is an NVIDIA CUDA implementation of the Pollard Rho factoring
method, and includes birthday attack optimizations collectively
referred to as a “reduction sieve” attack.

More details about RSA CUDA, confirming my suspicion. The code looks to do what the txt files are talking about, or at least nothing outright scary but I haven’t looked extensively at it, it’s 6:00AM and I’m too tired. Literally not one line so far has stood out as anything.

There are a lot of references to work done by Jason Papadopoulos and a few other crypto/ math people. A lot of references to optimizing it for CUDA. Absolutely nothing backdoor-ish.

Most of the code is stuff like:

/* find a GPU */

gpu_init(&gpu_config);
if (gpu_config.num_gpu == 0) {
printf(“error: no CUDA-enabled GPUs foundn”);
exit(-1);
}
if (which_gpu >= (uint32)gpu_config.num_gpu) {
printf(“error: GPU %u does not exist ”
“or is not CUDA-enabledn”, which_gpu);
exit(-1);

And then basically a ton of math like A^B -N blah blah blah crypto.

So, not a backdoor. I’m not sure where the FBI thing came from as I see no indication of their involvement or any government involvement (other than their involvement in creating the actual tool, not a backdoor, which I guess is possible.)

This particular attack method should prove effective against public key
encryption methods such as RSA and Diffie Helman, as well as ECDLP key
materials used within elliptical curve encryption methods. In addition,
it would also appear that this method of reducing input candidates can
also be used against the S-boxes of conventional block ciphers such as
DES/3DES and the AES, by analyzing each S-box mod 9 and then reducing
the possibilities for predecessor round S-boxes in this same fashion.

I guess that’s plenty scary. I’ll see if I can contact someone who knows crypto in depth tomorrow. I’ll update this post as I continue to look at the code/ .txt.

If it is actually a backdoor for nvidia I guess it’s masquerading as an RSA cracker but, again, I’ve seen nothing to suggest this. I’m actually pretty sure Templar is a tool already out there.

Update:

It seems the source is http://cryptome.org

FBI Backdoor: Templar NVIDIA GPU Factoring Suite March 29, 2012
 with the attached .zip.
Someone then pastebinned (or some such thing) a message essentially stating “omg im not downloading this but its a backdoor TELL EVERYONE”
Other sites and twitter tweets have picked up the story and linked to the zip archive.

But, what is inside?

No one seems to know or wants to blog/tweet/talk about it on discussion forums, searching the web only reveals links to cryptome's url for the zip archive.

I'm not downloading the zip, but I'd like to know what is inside. Is this a separate program offered by NVidia, a hardware or firmware exploit?

What?

Please begin posting to blogs and discussion forums indexed by Google and other search engines, what this mystery zip archive contains!

Is anybody reading this?
 Summary
This RSA cracking tool Templar is being labeled a backdoor even though it doesn’t exploit any flaws in the encryption or any flaws in any system. I see no evidence of it being FBI driven but I wouldn’t even be remotely surprised as both the FBI and NSA are pretty publicly interested in this type of thing.
Yes, it’s creepy that the tool exists. No, it’s not a backdoor. When people say “backdoor” everyone thinks built in vulnerabilities. The evidence of this being a dozen posts/ tweets about it that I’ve read looking for information that amounted to “The FBI put a backdoor in nVidia” when this does not appear to be true, at least not with the code presented.

Why I Won’t Be Buying ATI Again

I run a nice midrange laptop with a nice i5 520m, 8GB of RAM, a hybrid drive, and an ATI 5650.

The performance is really exactly as I’d expect, I can play the games I want to play and I can watch HD videos while I browser and talk to friends all at once without a stutter and without my computer burning up.

The GPU has performed admirably and I’m entirely happy with its performance.

But AMD for whatever reason (I guess performance) will not work with PAX or full system ASLR. There are actually buffer overflows in the code that prevent me from turning ASLR on to the full extent that I’d like and because of the hardcoded address space I can’t (at least on Windows) turn ASLR to anything other than “Application Opt-In.”

That’s really not acceptable. GPU security issues aren’t super new and they’re plenty talked about. I get that in the past it wasn’t a priority, of course. But things have changed. We have OpenGL now and we have the GPU integrated into virtually every process. The GPU isn’t just about games (which are also now online) it’s used in everything… like my browser (or this?), like Flash, my UI, and multiple other programs.

AMD/ATI, step it up. I may not be buying another system for years but if I were buying one tomorrow I’d go nVidia.