1994-12-28 - Re: Why I have a 512 bit PGP key

Header Data

From: Matt Blaze <mab@crypto.com>
To: cypherpunks@toad.com
Message Hash: 59909c47196e855ec3b5b6b38b159526a3aac885e90b8dfb62a7ca43613deebc
Message ID: <199412282021.PAA12355@crypto.com>
Reply To: N/A
UTC Datetime: 1994-12-28 20:20:29 UTC
Raw Date: Wed, 28 Dec 94 12:20:29 PST

Raw message

From: Matt Blaze <mab@crypto.com>
Date: Wed, 28 Dec 94 12:20:29 PST
To: cypherpunks@toad.com
Subject: Re: Why I have a 512 bit PGP key
Message-ID: <199412282021.PAA12355@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain



>A compiler can recognize one specific piece of code or a few 
>specific peices of code and do something perverse.  It cannot 
>recognize functionally equivalent code, this
>being a high order artificial intelligence problem.
>
>Thus if someone used a perverted compiler to develop, debug, and
>enhance the targe code, he would immediately discover the compiler
>was perverted.
>

If I were going to implement a compiler-based attack against a
piece of security software, I'd probably do it entirely by altering
the linker.  That is, I'd have the linker recognize that it was
emiting a program called "pgp" or "pem" or "cfs" or whatever and
have it put a wrapper around the final executable module that simply
records any I/O and sends it to me.  With shared libraries, building
such a wrapper would be especially easy; just have all I/O go to your
library instead of the standard one.

It's also not hard to imagine ways in which such an attack could
be extended to fool even customized versions of systems like tripwire
into always reporting fixed results when run on particular files.

-matt





Thread