[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Encryption Chips



At 11:52 AM 2/25/96 -0800, Timothy C. May wrote:
>At 4:47 PM 2/25/96, "A. Padgett Peterson P.E. Information Security"
>
>>The nice thing about am implimentation in software is that the code can be
>>examined for just this sort of thing *on a randomly selected operating unit*.
>>- hard to do with a chip.
>
>But of course one's compiler may have been subverted, as Ken Thompson
>showed some years back. Software implementations are sensitive to different
>sorts of attacks than hardware implementations are.

These things do not need to be verified at the source level.  One could
verify the output of the compiler and then publish a secure hash of it. 
(What an tedious job.)  There is infinite regress in these things, but I
would tend to trust a program which verified the secure hash of the crypto
system if that program was written after I received the release of the
compiler I am compiling it with.

Regards - Bill


------------------------------------------------------------------------
Bill Frantz       | The CDA means  | Periwinkle  --  Computer Consulting
(408)356-8506     | lost jobs and  | 16345 Englewood Ave.
[email protected] | dead teenagers | Los Gatos, CA 95032, USA