1994-12-28 - Re: Why I have a 512 bit PGP key

Header Data

From: “Perry E. Metzger” <perry@imsi.com>
To: eric@remailer.net (Eric Hughes)
Message Hash: 7002e542fea3d5cdaf26991ff831716de15c58cdd48e7e7345da0b54a35d925d
Message ID: <9412280307.AA03703@snark.imsi.com>
Reply To: <199412280240.SAA02061@largo.remailer.net>
UTC Datetime: 1994-12-28 03:07:54 UTC
Raw Date: Tue, 27 Dec 94 19:07:54 PST

Raw message

From: "Perry E. Metzger" <perry@imsi.com>
Date: Tue, 27 Dec 94 19:07:54 PST
To: eric@remailer.net (Eric Hughes)
Subject: Re: Why I have a 512 bit PGP key
In-Reply-To: <199412280240.SAA02061@largo.remailer.net>
Message-ID: <9412280307.AA03703@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Eric Hughes says:
>    From: "Ian Farquhar" <ianf@sydney.sgi.com>
> 
> re: personal account tripwire
> 
>    The problem is that although you can protect the data file of
>    hashes (by using a pass phrase to encrypt it), protecting the
>    binary which does the checking is rather more difficult.
> 
> Why not recompile the binary?  All it needs to be is something like
> md5.c.

Read Ken Thompson's Turing Award lecture for why that isn't
sufficient. Its quite amusing.

Lets face it -- if you are truly paranoid, you have to carry your
machine around with you at all times and chain it to you.

Its all a question of threat model. For national security type attacks
nothing less than "chain machine to wrist" will do. For stopping a
casual attack, much less is needed. Its all in the threat model...

Perry

Thread

• Return to December 1994

• Return to “Adam Shostack <adam@bwh.harvard.edu>”
• Return to “eric@remailer.net (Eric Hughes)”
• Return to ““Ian Farquhar” <ianf@sydney.sgi.com>”
• Return to “Jeff Barber <jeffb@sware.com>”
• Return to “Matt Blaze <mab@research.att.com>”
• Return to ““Perry E. Metzger” <perry@imsi.com>”

• Return to “Thomas Grant Edwards <tedwards@src.umd.edu>”

• 1994-12-23 (Fri, 23 Dec 94 12:38:05 PST) - Why I have a 512 bit PGP key - Matt Blaze <mab@research.att.com>
  • 1994-12-28 (Tue, 27 Dec 94 18:08:12 PST) - Re: Why I have a 512 bit PGP key - “Ian Farquhar” <ianf@sydney.sgi.com>
    • 1994-12-28 (Tue, 27 Dec 94 18:41:01 PST) - Re: Why I have a 512 bit PGP key - eric@remailer.net (Eric Hughes)
      • 1994-12-28 (Tue, 27 Dec 94 19:06:49 PST) - Re: Why I have a 512 bit PGP key - Adam Shostack <adam@bwh.harvard.edu>
      • 1994-12-28 (Tue, 27 Dec 94 19:07:54 PST) - Re: Why I have a 512 bit PGP key - “Perry E. Metzger” <perry@imsi.com>
        • 1994-12-28 (Tue, 27 Dec 94 20:52:26 PST) - Re: Why I have a 512 bit PGP key - eric@remailer.net (Eric Hughes)
      • 1994-12-28 (Tue, 27 Dec 94 19:08:10 PST) - Re: Why I have a 512 bit PGP key - “Ian Farquhar” <ianf@sydney.sgi.com>
        • 1994-12-28 (Tue, 27 Dec 94 20:55:04 PST) - Re: Why I have a 512 bit PGP key - eric@remailer.net (Eric Hughes)
          • 1994-12-28 (Tue, 27 Dec 94 21:39:09 PST) - Re: Why I have a 512 bit PGP key - “Ian Farquhar” <ianf@sydney.sgi.com>
            • 1994-12-28 (Tue, 27 Dec 94 23:13:16 PST) - Re: Why I have a 512 bit PGP key - eric@remailer.net (Eric Hughes)
              • 1994-12-28 (Wed, 28 Dec 94 06:03:12 PST) - Re: Why I have a 512 bit PGP key - Jeff Barber <jeffb@sware.com>
                • 1994-12-28 (Wed, 28 Dec 94 07:51:50 PST) - Re: Why I have a 512 bit PGP key - eric@remailer.net (Eric Hughes)
                  • 1994-12-28 (Wed, 28 Dec 94 08:40:21 PST) - Re: Why I have a 512 bit PGP key - Jeff Barber <jeffb@sware.com>
                    • 1994-12-28 (Wed, 28 Dec 94 14:28:09 PST) - Re: Why I have a 512 bit PGP key - Thomas Grant Edwards <tedwards@src.umd.edu>