1993-02-18 - Trapdoors (Not Very Likely)

Header Data

From: root@rmsdell.ftl.fl.us (Yanek Martinson)
To: ssandfort@attmail.com
Message Hash: 3e01e718de7ac279a90aae436c2ce0bfa0481c02f3d98b4f32cf77b44b0c6a9a
Message ID: <m0nPGWp-0002m0C@rmsdell.ftl.fl.us>
Reply To: N/A
UTC Datetime: 1993-02-18 19:42:43 UTC
Raw Date: Thu, 18 Feb 93 11:42:43 PST

Raw message

From: root@rmsdell.ftl.fl.us (Yanek Martinson)
Date: Thu, 18 Feb 93 11:42:43 PST
To: ssandfort@attmail.com
Subject: Trapdoors (Not Very Likely)
Message-ID: <m0nPGWp-0002m0C@rmsdell.ftl.fl.us>
MIME-Version: 1.0
Content-Type: text/plain


> Intel or MicroSoft?  Is there some way to be sure that the new
> 486 chip running your computer isn't recording each PGP or RSA
> private key you generate?

This is not very likely.  There would be several problems for anyone
attempting this.  First, where do you store it?  On-chip non-volatile
memory?  Second, how would the chip know that it was generating
a private key?  This would almost require artificial intelligence. 
You can't just scan for a sequence of instructions currently used
by PGP, for they change with each version released.  Or would it
store ALL data that passes through it?  Third, how useful would
that be?  What if you generate your keys on a sub-notebook computer 
which you carry with you or store in a secure place at all times.

So, no, this is not something you need to worry about.

--
Yanek Martinson
yanek@novavax.nova.edu




Thread