1994-12-28 - Re: Why I have a 512 bit PGP key

Header Data

From: “Ian Farquhar” <ianf@sydney.sgi.com>
To: cypherpunks@toad.com
Message Hash: 17169d45d3afd69ae252f6c1af99b4ee69ad23ecc76b2d69ba3cdfe24c7ae0dc
Message ID: <9412281357.ZM11227@wiley.sydney.sgi.com>
Reply To: <199412280240.SAA02061@largo.remailer.net>
UTC Datetime: 1994-12-28 03:08:10 UTC
Raw Date: Tue, 27 Dec 94 19:08:10 PST

Raw message

From: "Ian Farquhar" <ianf@sydney.sgi.com>
Date: Tue, 27 Dec 94 19:08:10 PST
To: cypherpunks@toad.com
Subject: Re: Why I have a 512 bit PGP key
In-Reply-To: <199412280240.SAA02061@largo.remailer.net>
Message-ID: <9412281357.ZM11227@wiley.sydney.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


On Dec 27,  6:40pm, Eric Hughes wrote:
>    The problem is that although you can protect the data file of
>    hashes (by using a pass phrase to encrypt it), protecting the
>    binary which does the checking is rather more difficult.
>
> Why not recompile the binary?  All it needs to be is something like
> md5.c.

I take it you mean recompile the binary every time?  Because you'd
need to have source around to recompile it from, and the attacker
could modify that source even more easily than he or she could hack
the binary.  The idea is to make tampering with the binary detectable.

Ultimately, the aim is to make it too difficult to break and thus cause
most people to give up.  I am pretty much certain that to make such
a system perfectly secure under these conditions is impossible.  What I
am aiming for, I suppose, is to make sure that there are no trivial attacks
which could compromise security.  If you've got a system admin who is
willing and capable of hacking exec in the kernel, then it's time to
move systems. :)

							Ian.

Thread

• Return to December 1994

• Return to “Adam Shostack <adam@bwh.harvard.edu>”
• Return to “eric@remailer.net (Eric Hughes)”
• Return to ““Ian Farquhar” <ianf@sydney.sgi.com>”
• Return to “Jeff Barber <jeffb@sware.com>”
• Return to “Matt Blaze <mab@research.att.com>”
• Return to ““Perry E. Metzger” <perry@imsi.com>”

• Return to “Thomas Grant Edwards <tedwards@src.umd.edu>”

• 1994-12-23 (Fri, 23 Dec 94 12:38:05 PST) - Why I have a 512 bit PGP key - Matt Blaze <mab@research.att.com>
  • 1994-12-28 (Tue, 27 Dec 94 18:08:12 PST) - Re: Why I have a 512 bit PGP key - “Ian Farquhar” <ianf@sydney.sgi.com>
    • 1994-12-28 (Tue, 27 Dec 94 18:41:01 PST) - Re: Why I have a 512 bit PGP key - eric@remailer.net (Eric Hughes)
      • 1994-12-28 (Tue, 27 Dec 94 19:06:49 PST) - Re: Why I have a 512 bit PGP key - Adam Shostack <adam@bwh.harvard.edu>
      • 1994-12-28 (Tue, 27 Dec 94 19:07:54 PST) - Re: Why I have a 512 bit PGP key - “Perry E. Metzger” <perry@imsi.com>
        • 1994-12-28 (Tue, 27 Dec 94 20:52:26 PST) - Re: Why I have a 512 bit PGP key - eric@remailer.net (Eric Hughes)
      • 1994-12-28 (Tue, 27 Dec 94 19:08:10 PST) - Re: Why I have a 512 bit PGP key - “Ian Farquhar” <ianf@sydney.sgi.com>
        • 1994-12-28 (Tue, 27 Dec 94 20:55:04 PST) - Re: Why I have a 512 bit PGP key - eric@remailer.net (Eric Hughes)
          • 1994-12-28 (Tue, 27 Dec 94 21:39:09 PST) - Re: Why I have a 512 bit PGP key - “Ian Farquhar” <ianf@sydney.sgi.com>
            • 1994-12-28 (Tue, 27 Dec 94 23:13:16 PST) - Re: Why I have a 512 bit PGP key - eric@remailer.net (Eric Hughes)
              • 1994-12-28 (Wed, 28 Dec 94 06:03:12 PST) - Re: Why I have a 512 bit PGP key - Jeff Barber <jeffb@sware.com>
                • 1994-12-28 (Wed, 28 Dec 94 07:51:50 PST) - Re: Why I have a 512 bit PGP key - eric@remailer.net (Eric Hughes)
                  • 1994-12-28 (Wed, 28 Dec 94 08:40:21 PST) - Re: Why I have a 512 bit PGP key - Jeff Barber <jeffb@sware.com>
                    • 1994-12-28 (Wed, 28 Dec 94 14:28:09 PST) - Re: Why I have a 512 bit PGP key - Thomas Grant Edwards <tedwards@src.umd.edu>