providing the ciphertext

using a sequence of key bits that loads one by one

loading all the key bits into the locking gates

testing out all combinations

adding encryption engine that implements AES

adding flip-flops (and states to the FSM)

inserting a hardware trojan

adding XOR/XNOR gates

placement of flip-flops

identity theft, blackmail, extortion

locking a computer system

misappropriate electronic funds

misappropriate electronic funds

steal valuable intellectual property

act of god

indemnification

adding countermeasures

extending encryption

protecting intellectual property

securing hardware systems

withhold information from all those affected

consider the cost of cybersecurity within the organization

disclose risks, when known, to those affected

remotely cause damage or destruction

Have we prepared for the worst scenario?

What encryption do we use?

Have we struck a balance and all agree on it?

How do we securely store information?

What are the gray areas in our responses?

What do we do if agencies told us to weaken encryption?

What do we do if we’re told to violate our duty?

How do we monitor our network without intruding on our users?