[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Why I have a 512 bit PGP key

To: [email protected]
Subject: Re: Why I have a 512 bit PGP key
From: [email protected] (Eric Hughes)
Date: Tue, 27 Dec 1994 20:54:56 -0800
In-Reply-To: <[email protected]> ([email protected])
Sender: [email protected]

   From: "Ian Farquhar" <[email protected]>

   I take it you mean recompile the binary every time?  Because you'd
   need to have source around to recompile it from, and the attacker
   could modify that source even more easily than he or she could hack
   the binary.  The idea is to make tampering with the binary detectable.

Recompile the binary from newly uploaded source each time.  MD5 source
isn't more than about 10K long.  That's all of a few seconds of upload
time.

   I am pretty much certain that to make such
   a system perfectly secure under these conditions is impossible.  

That's right.

Eric

Follow-Ups:
- Re: Why I have a 512 bit PGP key
  - From: "Ian Farquhar" <[email protected]>

References:
- Re: Why I have a 512 bit PGP key
  - From: "Ian Farquhar" <[email protected]>

Prev by Date: Re: Why I have a 512 bit PGP key
Next by Date: Re: Why I have a 512 bit PGP key
Prev by thread: Re: Why I have a 512 bit PGP key
Next by thread: Re: Why I have a 512 bit PGP key
Index(es):
- Date
- Thread